Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,335
Erlang
31
GitHub Actions
22
Go
2,096
Maven
5,000+
npm
3,762
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

140 advisories

Loading
Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM)... High Unreviewed
CVE-2018-8916 was published May 13, 2022
Missing password verification in the web interface on Gigaset Maxwell Basic VoIP phones with... Critical Unreviewed
CVE-2018-18871 was published May 13, 2022
MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an... High Unreviewed
CVE-2017-7615 was published May 13, 2022
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to... High Unreviewed
CVE-2017-9543 was published May 13, 2022
An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application... High Unreviewed
CVE-2016-8716 was published May 13, 2022
A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The... Critical Unreviewed
CVE-2018-16529 was published Apr 30, 2022
ZPanel 10.0.1 has insufficient entropy for its password reset process. Critical Unreviewed
CVE-2012-5686 was published Apr 23, 2022
pearweb < 1.32 is suffers from a Weak Password Recovery Mechanism via include/users... Critical Unreviewed
CVE-2022-27157 was published Apr 16, 2022
An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h... High Unreviewed
CVE-2021-43498 was published Apr 9, 2022
A vulnerability was found in Automatic Question Paper Generator 1.0. It has been declared as... Critical Unreviewed
CVE-2022-1073 was published Mar 30, 2022
Forgotten password reset functionality for local accounts can be used to bypass local... High Unreviewed
CVE-2021-27654 was published Jan 29, 2022
An issue was discovered in Delta RM 1.2. It is possible to request a new password for any other... Moderate Unreviewed
CVE-2021-44839 was published Jan 19, 2022
In all versions of GitLab CE/EE starting version 14.0 before 14.3.6, all versions starting from... Moderate Unreviewed
CVE-2021-39919 was published Dec 14, 2021
An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password... Critical Unreviewed
CVE-2021-41694 was published Dec 10, 2021
Team Password Manager (aka TeamPasswordManager) before 10.135.236 allows password-reset poisoning. High Unreviewed
CVE-2021-44037 was published Nov 20, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database