GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
26 advisories
Filter by severity
A remote authentication bypass issue exists in some
OneView APIs.
Critical
Unreviewed
CVE-2023-30909
was published
Sep 14, 2023
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an...
Critical
Unreviewed
CVE-2023-49231
was published
Mar 29, 2024
Apache Linkis Authentication Bypass vulnerability
Critical
CVE-2023-27987
was published
for
org.apache.linkis:linkis
(Maven)
Jul 6, 2023
LinOTP replay vulnerability with auto resynchronization enabled for TOTP token
Critical
CVE-2019-12887
was published
for
LinOTP
(pip)
May 24, 2022
D-Link -
CWE-294: Authentication Bypass by Capture-replay
Critical
Unreviewed
CVE-2024-38438
was published
Jul 21, 2024
An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass...
Critical
Unreviewed
CVE-2023-47435
was published
Apr 19, 2024
Replay Attack
in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows...
Critical
Unreviewed
CVE-2024-4009
was published
Jun 5, 2024
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause...
Critical
Unreviewed
CVE-2022-45789
was published
Jul 6, 2023
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC...
Critical
Unreviewed
CVE-2023-2846
was published
Jun 30, 2023
SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which...
Critical
Unreviewed
CVE-2023-29158
was published
Jun 19, 2023
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to...
Critical
Unreviewed
CVE-2017-3191
was published
May 13, 2022
Capture-replay in Gitea
Critical
CVE-2021-45327
was published
for
github.com/go-gitea/gitea
(Go)
Feb 9, 2022
Microsoft Outlook Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2023-23397
was published
Mar 14, 2023
Answer vulnerable to Authentication Bypass by Capture-replay
Critical
CVE-2023-1537
was published
for
github.com/answerdev/answer
(Go)
Mar 21, 2023
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an...
Critical
Unreviewed
CVE-2022-22806
was published
Mar 10, 2022
An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7...
Critical
Unreviewed
CVE-2021-41030
was published
Dec 9, 2021
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command...
Critical
Unreviewed
CVE-2018-17903
was published
May 13, 2022
The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control,...
Critical
Unreviewed
CVE-2019-9659
was published
May 13, 2022
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product...
Critical
Unreviewed
CVE-2018-7790
was published
May 13, 2022
The data of a network capture of the initial handshake phase can be used to authenticate at a...
Critical
Unreviewed
CVE-2021-38459
was published
May 24, 2022
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos...
Critical
Unreviewed
CVE-2020-35551
was published
May 24, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <...
Critical
Unreviewed
CVE-2022-44457
was published
Nov 8, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <...
Critical
Unreviewed
CVE-2022-37011
was published
Sep 14, 2022
In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command,...
Critical
Unreviewed
CVE-2018-19025
was published
May 24, 2022
JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable...
Critical
Unreviewed
CVE-2018-17932
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API