Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

78 advisories

Loading
An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users... Critical Unreviewed
CVE-2018-15680 was published May 13, 2022
Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%... High Unreviewed
CVE-2018-9233 was published May 13, 2022
The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak... High Unreviewed
CVE-2020-16231 was published May 20, 2022
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a... Moderate Unreviewed
CVE-2019-12737 was published May 24, 2022
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05... Critical Unreviewed
CVE-2019-17216 was published May 24, 2022
class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating... Critical Unreviewed
CVE-2019-19735 was published May 24, 2022
MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to reset a password by using a... Moderate Unreviewed
CVE-2019-20062 was published May 24, 2022
Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow... Moderate Unreviewed
CVE-2020-0533 was published May 24, 2022
In EZCast Pro II, the administrator password md5 hash is provided upon a web request. This hash... Moderate Unreviewed
CVE-2019-12305 was published May 24, 2022
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative... Moderate Unreviewed
CVE-2020-27693 was published May 24, 2022
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500... Moderate Unreviewed
CVE-2020-6780 was published May 24, 2022
Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long... High Unreviewed
CVE-2020-28873 was published May 24, 2022
In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an... Critical Unreviewed
CVE-2020-14516 was published May 24, 2022
An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. A... High Unreviewed
CVE-2019-20466 was published May 24, 2022
An issue was discovered on Enphase Envoy R3.x and D4.x devices. There is a custom PAM module for... High Unreviewed
CVE-2020-25754 was published May 24, 2022
Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager... Critical Unreviewed
CVE-2021-32519 was published May 24, 2022
A CWE-759: Use of a One-Way Hash without a Salt vulnerability exists in EVlink City (EVC1S22P4 /... High Unreviewed
CVE-2021-22774 was published May 24, 2022
A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of... High Unreviewed
CVE-2021-32596 was published May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords... Moderate Unreviewed
CVE-2021-33003 was published May 24, 2022
An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the... Moderate Unreviewed
CVE-2021-38400 was published May 24, 2022
The user and password data base is exposed by an unprotected web server resource. Passwords are... High Unreviewed
CVE-2021-23855 was published May 24, 2022
In Digi RealPort through 4.8.488.0, authentication relies on a challenge-response mechanism that... Critical Unreviewed
CVE-2021-36767 was published May 24, 2022
net-ldap has weak salt when generating passwords Moderate
CVE-2014-0083 was published for net-ldap (RubyGems) May 24, 2022
Use of Password Hash with Insufficient Computational Effort vulnerability exists in ClearSCADA ... Moderate Unreviewed
CVE-2021-22741 was published May 24, 2022
The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered... Moderate Unreviewed
CVE-2021-38314 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database