GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,054
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
80 advisories
Filter by severity
Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements...
Moderate
Unreviewed
CVE-2024-55057
was published
Dec 17, 2024
Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona...
Moderate
Unreviewed
CVE-2024-7701
was published
Dec 15, 2024
Liferay Portal defaults to a low work factor for the default password hashing algorithm
High
CVE-2024-25607
was published
for
com.liferay.portal:com.liferay.portal.kernel
(Maven)
Feb 20, 2024
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), the...
Critical
Unreviewed
CVE-2020-12069
was published
Dec 26, 2022
Weak password hashing using MD5 in funzioni.php in HotelDruid before 1.32 allows an attacker to...
High
Unreviewed
CVE-2024-23091
was published
Jul 30, 2024
An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. A...
High
Unreviewed
CVE-2019-20466
was published
May 24, 2022
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the...
High
Unreviewed
CVE-2024-3183
was published
Jun 12, 2024
Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could...
Unknown
Unreviewed
CVE-2024-24553
was published
Jun 24, 2024
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting...
Low
Unreviewed
CVE-2024-21754
was published
Jun 11, 2024
class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating...
Critical
Unreviewed
CVE-2019-19735
was published
May 24, 2022
The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an...
High
Unreviewed
CVE-2023-31412
was published
Aug 24, 2023
PiiGAB M-Bus stores passwords using a weak hash algorithm.
Critical
Unreviewed
CVE-2023-34433
was published
Jul 7, 2023
RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows...
High
Unreviewed
CVE-2023-33243
was published
Jun 15, 2023
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05...
Critical
Unreviewed
CVE-2019-17216
was published
May 24, 2022
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a...
Moderate
Unreviewed
CVE-2019-12737
was published
May 24, 2022
** UNSUPPPORTED WHEN ASSIGNED ** Vulnerability in ekorCCP and ekorRCI that could allow an...
Moderate
Unreviewed
CVE-2022-47557
was published
Sep 19, 2023
Serverpod improved security for stored password hashes
Moderate
CVE-2024-29886
was published
for
serverpod_auth_server
(Pub)
Mar 28, 2024
A vulnerability classified as problematic was found in Musicshelf 1.0/1.1 on Android. Affected by...
Low
Unreviewed
CVE-2024-2365
was published
Mar 11, 2024
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40...
Moderate
Unreviewed
CVE-2008-1526
was published
May 1, 2022
Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting...
High
Unreviewed
CVE-2001-0967
was published
Apr 30, 2022
PostgreSQL uses the username for a salt when generating passwords, which makes it easier for...
Moderate
Unreviewed
CVE-2002-1657
was published
Apr 30, 2022
CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the...
High
Unreviewed
CVE-2005-0408
was published
May 1, 2022
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local...
Low
Unreviewed
CVE-2006-1058
was published
May 1, 2022
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard
Critical
CVE-2023-46233
was published
for
crypto-js
(npm)
Oct 25, 2023
ProTip!
Advisories are also available from the
GraphQL API