GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
80 advisories
Filter by severity
An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users...
Critical
Unreviewed
CVE-2018-15680
was published
May 13, 2022
Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%...
High
Unreviewed
CVE-2018-9233
was published
May 13, 2022
The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak...
High
Unreviewed
CVE-2020-16231
was published
May 20, 2022
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a...
Moderate
Unreviewed
CVE-2019-12737
was published
May 24, 2022
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05...
Critical
Unreviewed
CVE-2019-17216
was published
May 24, 2022
class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating...
Critical
Unreviewed
CVE-2019-19735
was published
May 24, 2022
MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to reset a password by using a...
Moderate
Unreviewed
CVE-2019-20062
was published
May 24, 2022
Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow...
Moderate
Unreviewed
CVE-2020-0533
was published
May 24, 2022
In EZCast Pro II, the administrator password md5 hash is provided upon a web request. This hash...
Moderate
Unreviewed
CVE-2019-12305
was published
May 24, 2022
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative...
Moderate
Unreviewed
CVE-2020-27693
was published
May 24, 2022
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500...
Moderate
Unreviewed
CVE-2020-6780
was published
May 24, 2022
Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long...
High
Unreviewed
CVE-2020-28873
was published
May 24, 2022
In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an...
Critical
Unreviewed
CVE-2020-14516
was published
May 24, 2022
An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. A...
High
Unreviewed
CVE-2019-20466
was published
May 24, 2022
An issue was discovered on Enphase Envoy R3.x and D4.x devices. There is a custom PAM module for...
High
Unreviewed
CVE-2020-25754
was published
May 24, 2022
Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager...
Critical
Unreviewed
CVE-2021-32519
was published
May 24, 2022
A CWE-759: Use of a One-Way Hash without a Salt vulnerability exists in EVlink City (EVC1S22P4 /...
High
Unreviewed
CVE-2021-22774
was published
May 24, 2022
A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of...
High
Unreviewed
CVE-2021-32596
was published
May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords...
Moderate
Unreviewed
CVE-2021-33003
was published
May 24, 2022
An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the...
Moderate
Unreviewed
CVE-2021-38400
was published
May 24, 2022
The user and password data base is exposed by an unprotected web server resource. Passwords are...
High
Unreviewed
CVE-2021-23855
was published
May 24, 2022
In Digi RealPort through 4.8.488.0, authentication relies on a challenge-response mechanism that...
Critical
Unreviewed
CVE-2021-36767
was published
May 24, 2022
net-ldap has weak salt when generating passwords
Moderate
CVE-2014-0083
was published
for
net-ldap
(RubyGems)
May 24, 2022
The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered...
Moderate
Unreviewed
CVE-2021-38314
was published
May 24, 2022
Use of Password Hash with Insufficient Computational Effort vulnerability exists in ClearSCADA ...
Moderate
Unreviewed
CVE-2021-22741
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API