Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

133 advisories

Loading
An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2... Moderate Unreviewed
CVE-2021-40170 was published Dec 16, 2021
Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100)... High Unreviewed
CVE-2019-3915 was published May 13, 2022
A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode... High Unreviewed
CVE-2018-17176 was published May 13, 2022
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command... Critical Unreviewed
CVE-2018-17903 was published May 13, 2022
All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are... High Unreviewed
CVE-2018-17935 was published May 13, 2022
The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control,... Critical Unreviewed
CVE-2019-9659 was published May 13, 2022
Missing Token Replay Detection in Saml2 Authentication services for ASP.NET High
CVE-2020-5261 was published for Sustainsys.Saml2 (NuGet) Mar 25, 2020
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product... Critical Unreviewed
CVE-2018-7790 was published May 13, 2022
In affected versions of Octopus Server it is possible to use the Git Connectivity test function... High Unreviewed
CVE-2022-2780 was published Oct 14, 2022
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange... High Unreviewed
CVE-2002-0054 was published Apr 30, 2022
The data of a network capture of the initial handshake phase can be used to authenticate at a... Critical Unreviewed
CVE-2021-38459 was published May 24, 2022
An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc... High Unreviewed
CVE-2022-29475 was published Oct 25, 2022
Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g... High Unreviewed
CVE-2021-35067 was published May 24, 2022
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem... High Unreviewed
CVE-2021-25480 was published May 24, 2022
The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker... High Unreviewed
CVE-2021-27662 was published May 24, 2022
An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out,... Moderate Unreviewed
CVE-2020-23178 was published May 24, 2022
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur... High Unreviewed
CVE-2021-27572 was published May 24, 2022
Windows NTLM Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-31958 was published May 24, 2022
Incorrect access control in push notification service in Night Owl Smart Doorbell FW version... Moderate Unreviewed
CVE-2020-28713 was published May 24, 2022
Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows... Moderate Unreviewed
CVE-2020-26172 was published May 24, 2022
Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay... Moderate Unreviewed
CVE-2021-22267 was published May 24, 2022
Western Digital iNAND devices through 2020-06-03 allow Authentication Bypass via a capture-replay... Moderate Unreviewed
CVE-2020-13799 was published May 24, 2022
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos... Critical Unreviewed
CVE-2020-35551 was published May 24, 2022
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol... Moderate Unreviewed
CVE-2020-27269 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25229 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database