GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
133 advisories
Filter by severity
An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2...
Moderate
Unreviewed
CVE-2021-40170
was published
Dec 16, 2021
Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100)...
High
Unreviewed
CVE-2019-3915
was published
May 13, 2022
A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode...
High
Unreviewed
CVE-2018-17176
was published
May 13, 2022
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command...
Critical
Unreviewed
CVE-2018-17903
was published
May 13, 2022
All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are...
High
Unreviewed
CVE-2018-17935
was published
May 13, 2022
The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control,...
Critical
Unreviewed
CVE-2019-9659
was published
May 13, 2022
Missing Token Replay Detection in Saml2 Authentication services for ASP.NET
High
CVE-2020-5261
was published
for
Sustainsys.Saml2
(NuGet)
Mar 25, 2020
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product...
Critical
Unreviewed
CVE-2018-7790
was published
May 13, 2022
In affected versions of Octopus Server it is possible to use the Git Connectivity test function...
High
Unreviewed
CVE-2022-2780
was published
Oct 14, 2022
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange...
High
Unreviewed
CVE-2002-0054
was published
Apr 30, 2022
The data of a network capture of the initial handshake phase can be used to authenticate at a...
Critical
Unreviewed
CVE-2021-38459
was published
May 24, 2022
An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc...
High
Unreviewed
CVE-2022-29475
was published
Oct 25, 2022
Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g...
High
Unreviewed
CVE-2021-35067
was published
May 24, 2022
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem...
High
Unreviewed
CVE-2021-25480
was published
May 24, 2022
The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker...
High
Unreviewed
CVE-2021-27662
was published
May 24, 2022
An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out,...
Moderate
Unreviewed
CVE-2020-23178
was published
May 24, 2022
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur...
High
Unreviewed
CVE-2021-27572
was published
May 24, 2022
Windows NTLM Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2021-31958
was published
May 24, 2022
Incorrect access control in push notification service in Night Owl Smart Doorbell FW version...
Moderate
Unreviewed
CVE-2020-28713
was published
May 24, 2022
Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows...
Moderate
Unreviewed
CVE-2020-26172
was published
May 24, 2022
Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay...
Moderate
Unreviewed
CVE-2021-22267
was published
May 24, 2022
Western Digital iNAND devices through 2020-06-03 allow Authentication Bypass via a capture-replay...
Moderate
Unreviewed
CVE-2020-13799
was published
May 24, 2022
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos...
Critical
Unreviewed
CVE-2020-35551
was published
May 24, 2022
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol...
Moderate
Unreviewed
CVE-2020-27269
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
High
Unreviewed
CVE-2020-25229
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API