Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,778
Erlang
35
GitHub Actions
29
Go
2,332
Maven
5,000+
npm
3,966
NuGet
713
pip
3,759
Pub
12
RubyGems
921
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+

9 advisories

Loading
Spring Security Does Not Enforce Password Length High
CVE-2025-22228 was published for org.springframework.security:spring-security-crypto (Maven) Mar 20, 2025
Answer has Weak Password Requirements High
CVE-2023-4125 was published for github.com/answerdev/answer (Go) Aug 3, 2023
Weak Password Requirements in calibreweb High
CVE-2023-2106 was published for calibreweb (pip) Apr 15, 2023
Weak Password Requirements in thorsten/phpmyfaq High
CVE-2023-0793 was published for thorsten/phpmyfaq (Composer) Feb 12, 2023
Froxlor contains Weak Password Requirements High
CVE-2023-0564 was published for froxlor/froxlor (Composer) Jan 29, 2023
rdiffweb contains Weak Password Requirements High
CVE-2022-3179 was published for rdiffweb (pip) Sep 14, 2022
Missing password strength check in notrinos/notrinos-erp High
CVE-2022-2927 was published for notrinos/notrinos-erp (Composer) Aug 23, 2022
Plone allows weak passwords High
CVE-2020-7940 was published for Plone (pip) May 24, 2022
Weak Password Requirements in Daybyday CRM High
CVE-2022-22110 was published for bottelet/flarepoint (Composer) Jan 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database