GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
144 advisories
Filter by severity
In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command,...
Critical
Unreviewed
CVE-2018-19025
was published
May 24, 2022
JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable...
Critical
Unreviewed
CVE-2018-17932
was published
May 24, 2022
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2...
High
Unreviewed
CVE-2020-15931
was published
May 24, 2022
** DISPUTED ** An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications)...
Moderate
Unreviewed
CVE-2020-24722
was published
May 24, 2022
A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4...
Moderate
Unreviewed
CVE-2019-11856
was published
May 24, 2022
GoAhead before 5.1.2 mishandles the nonce value during Digest authentication. This may permit...
Moderate
Unreviewed
CVE-2020-15688
was published
May 24, 2022
Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a door by replaying an Unlock...
Moderate
Unreviewed
CVE-2020-9438
was published
May 24, 2022
The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open...
Low
Unreviewed
CVE-2019-20626
was published
May 24, 2022
An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack...
Moderate
Unreviewed
CVE-2019-18199
was published
May 24, 2022
LinOTP replay vulnerability with auto resynchronization enabled for TOTP token
Critical
CVE-2019-12887
was published
for
LinOTP
(pip)
May 24, 2022
An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application...
Moderate
Unreviewed
CVE-2019-11334
was published
May 24, 2022
Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control.
Moderate
Unreviewed
CVE-2019-9158
was published
May 24, 2022
Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and...
Moderate
Unreviewed
CVE-2019-5307
was published
May 24, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All...
High
Unreviewed
CVE-2022-29878
was published
May 21, 2022
oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass...
Moderate
Unreviewed
CVE-2018-16242
was published
May 13, 2022
YSoft SafeQ Server 6 allows a replay attack.
High
Unreviewed
CVE-2018-15498
was published
May 13, 2022
Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level...
High
Unreviewed
CVE-2017-6823
was published
May 13, 2022
Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to...
High
Unreviewed
CVE-2017-11786
was published
May 13, 2022
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to...
Critical
Unreviewed
CVE-2017-3191
was published
May 13, 2022
All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence...
High
Unreviewed
CVE-2018-7356
was published
May 13, 2022
Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100)...
High
Unreviewed
CVE-2019-3915
was published
May 13, 2022
A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode...
High
Unreviewed
CVE-2018-17176
was published
May 13, 2022
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command...
Critical
Unreviewed
CVE-2018-17903
was published
May 13, 2022
All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are...
High
Unreviewed
CVE-2018-17935
was published
May 13, 2022
The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control,...
Critical
Unreviewed
CVE-2019-9659
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API