GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
67 advisories
Filter by severity
A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode...
High
Unreviewed
CVE-2018-17176
was published
May 13, 2022
Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100)...
High
Unreviewed
CVE-2019-3915
was published
May 13, 2022
All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence...
High
Unreviewed
CVE-2018-7356
was published
May 13, 2022
TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously...
High
Unreviewed
CVE-2022-41541
was published
Oct 18, 2022
Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to...
High
Unreviewed
CVE-2017-11786
was published
May 13, 2022
Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level...
High
Unreviewed
CVE-2017-6823
was published
May 13, 2022
YSoft SafeQ Server 6 allows a replay attack.
High
Unreviewed
CVE-2018-15498
was published
May 13, 2022
The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same...
High
Unreviewed
CVE-2022-38766
was published
Jan 3, 2023
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing (for...
High
Unreviewed
CVE-2021-39364
was published
Feb 25, 2022
Multi-Factor Authentication issue in Laravel Fortify
High
CVE-2022-25838
was published
for
laravel/fortify
(Composer)
Feb 25, 2022
thorsten/phpmyfaq vulnerable to authentication bypass
High
CVE-2023-1886
was published
for
thorsten/phpmyfaq
(Composer)
Apr 5, 2023
Authentication bypass by capture-replay in github.com/cosmos/ethermint
High
CVE-2021-25835
was published
for
github.com/cosmos/ethermint
(Go)
Feb 15, 2022
Authentication bypass by capture-replay in github.com/cosmos/ethermint
High
CVE-2021-25834
was published
for
github.com/cosmos/ethermint
(Go)
Feb 15, 2022
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X...
High
Unreviewed
CVE-2023-39547
was published
Nov 17, 2023
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in...
High
Unreviewed
CVE-2023-20900
was published
Aug 31, 2023
Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3...
High
Unreviewed
CVE-2022-46480
was published
Dec 5, 2023
The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to...
High
Unreviewed
CVE-2023-46892
was published
Jan 23, 2024
Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows...
High
Unreviewed
CVE-2023-31762
was published
May 24, 2023
Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full...
High
Unreviewed
CVE-2023-31759
was published
May 24, 2023
Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows...
High
Unreviewed
CVE-2023-31761
was published
May 24, 2023
Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access...
High
Unreviewed
CVE-2023-31763
was published
May 24, 2023
Vulnerability of identity verification being bypassed in the storage module. Successful...
High
Unreviewed
CVE-2022-48507
was published
Jul 6, 2023
Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an...
High
Unreviewed
CVE-2022-25837
was published
Jul 6, 2023
ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass. The implementation...
High
Unreviewed
CVE-2023-34625
was published
Jul 20, 2023
Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an...
High
Unreviewed
CVE-2022-25836
was published
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API