GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 30,135
Composer 5,773
Erlang 55
GitHub Actions 50
Go 3,732
Maven 6,532
npm 6,042
NuGet 935
pip 4,952
Pub 13
RubyGems 1,055
Rust 1,343
Swift 54

Unreviewed advisories

All unreviewed 301,103

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

76 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

RiteCMS v3.1.0 was discovered to use insecure encryption to store passwords. Moderate Unreviewed

CVE-2025-67168 was published Dec 17, 2025

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager (BoKS)... Moderate Unreviewed

CVE-2025-13532 was published Dec 16, 2025

A high privileged remote attacker with admin privileges for the webUI can brute-force the "root"... Moderate Unreviewed

CVE-2025-41692 was published Dec 9, 2025

Use of password hash with insufficient computational effort issue exists in BUFFALO Wi-Fi router ... Moderate Unreviewed

CVE-2025-46413 was published Nov 7, 2025

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara... High Unreviewed

CVE-2025-3937 was published May 22, 2025

A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated (low... Moderate Unreviewed

CVE-2025-24340 was published Apr 30, 2025

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as... Low Unreviewed

CVE-2025-2349 was published Mar 17, 2025

The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed... High Unreviewed

CVE-2025-2265 was published Mar 13, 2025

IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash... Moderate Unreviewed

CVE-2023-33838 was published Jan 29, 2025

An attacker could exploit the 'Use of Password Hash With Insufficient Computational Effort'... Critical Unreviewed

CVE-2024-5743 was published Jan 13, 2025

Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements... Moderate Unreviewed

CVE-2024-55057 was published Dec 17, 2024

Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona... Moderate Unreviewed

CVE-2024-7701 was published Dec 15, 2024

Weak password hashing using MD5 in funzioni.php in HotelDruid before 1.32 allows an attacker to... High Unreviewed

CVE-2024-23091 was published Jul 30, 2024

Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could... Moderate Unreviewed

CVE-2024-24553 was published Jun 24, 2024

A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the... High Unreviewed

CVE-2024-3183 was published Jun 12, 2024

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting... Low Unreviewed

CVE-2024-21754 was published Jun 11, 2024

A vulnerability classified as problematic was found in Musicshelf 1.0/1.1 on Android. Affected by... Low Unreviewed

CVE-2024-2365 was published Mar 11, 2024

The Priva TopControl Suite contains predictable credentials for the SSH service, based on the... High Unreviewed

CVE-2022-3010 was published Jan 2, 2024

Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers... High Unreviewed

CVE-2023-5846 was published Nov 2, 2023

** UNSUPPPORTED WHEN ASSIGNED ** Vulnerability in ekorCCP and ekorRCI that could allow an... Moderate Unreviewed

CVE-2022-47557 was published Sep 19, 2023

A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901.... Low Unreviewed

CVE-2023-4986 was published Sep 15, 2023

The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an... High Unreviewed

CVE-2023-31412 was published Aug 24, 2023

PiiGAB M-Bus stores passwords using a weak hash algorithm. Critical Unreviewed

CVE-2023-34433 was published Jul 7, 2023

RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows... High Unreviewed

CVE-2023-33243 was published Jun 15, 2023

A use of password hash with insufficient computational effort vulnerability [CWE-916] in... High Unreviewed

CVE-2022-26115 was published Feb 16, 2023

Previous1…4 Next

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

76 advisories