Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,700
Maven
5,000+
npm
4,328
NuGet
761
pip
4,100
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+

12 advisories

Loading
LibreNMS has Weak Password Policy Low
CVE-2025-65014 was published for librenms/librenms (Composer) Nov 18, 2025
marcelomulder
Credited to marcelomulder
NovoSGA: Manipulation of User Creation Page can lead to weak password requirements Low
CVE-2025-11322 was published for novosga/novosga (Composer) Oct 6, 2025
A vulnerability was detected in iteachyou Dreamer CMS up to 4.1.3.2. This issue affects some... Low Unreviewed
CVE-2025-10320 was published Sep 12, 2025
IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into... Low Unreviewed
CVE-2023-27272 was published Apr 14, 2025
MLflow has Weak Password Requirements Low
CVE-2025-1474 was published for mlflow (pip) Mar 20, 2025
Silverpeas vulnerable to password complexity rule bypass Low
CVE-2024-42850 was published for org.silverpeas.core:silverpeas-core (Maven) Aug 16, 2024
An Unverified Password Change could allow a malicious actor with API access to the device to... Low Unreviewed
CVE-2024-29208 was published May 7, 2024
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as... Low Unreviewed
CVE-2024-0347 was published Jan 10, 2024
A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer... Low Unreviewed
CVE-2024-0188 was published Jan 2, 2024
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as... Low Unreviewed
CVE-2023-7053 was published Dec 22, 2023
Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users'... Low Unreviewed
CVE-2020-8956 was published May 24, 2022
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a... Low Unreviewed
CVE-2020-8632 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database