Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

67 advisories

Loading
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem... High Unreviewed
CVE-2021-25480 was published May 24, 2022
Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g... High Unreviewed
CVE-2021-35067 was published May 24, 2022
The replay feature in the client in Wargaming World of Warships 0.11.4 allows remote attackers to... High Unreviewed
CVE-2022-31265 was published May 27, 2022
Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows... High Unreviewed
CVE-2022-31277 was published Jun 17, 2022
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7... High Unreviewed
CVE-2022-33971 was published Jul 5, 2022
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ... High Unreviewed
CVE-2022-33208 was published Jul 5, 2022
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all... High Unreviewed
CVE-2022-34151 was published Jul 5, 2022
LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0 High
CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022
Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier... High Unreviewed
CVE-2022-40621 was published Sep 14, 2022
django-mfa2 vulnerable to MFA Replay attack High
CVE-2022-42731 was published for django-mfa2 (pip) Oct 11, 2022
In affected versions of Octopus Server it is possible to use the Git Connectivity test function... High Unreviewed
CVE-2022-2780 was published Oct 14, 2022
TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously... High Unreviewed
CVE-2022-41541 was published Oct 18, 2022
An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc... High Unreviewed
CVE-2022-29475 was published Oct 25, 2022
Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover. High Unreviewed
CVE-2021-38827 was published Nov 14, 2022
The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same... High Unreviewed
CVE-2022-38766 was published Jan 3, 2023
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has... High Unreviewed
CVE-2023-0035 was published Jan 9, 2023
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an... High Unreviewed
CVE-2023-0036 was published Jan 9, 2023
thorsten/phpmyfaq vulnerable to authentication bypass High
CVE-2023-1886 was published for thorsten/phpmyfaq (Composer) Apr 5, 2023
Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows... High Unreviewed
CVE-2023-31761 was published May 24, 2023
Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access... High Unreviewed
CVE-2023-31763 was published May 24, 2023
Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows... High Unreviewed
CVE-2023-31762 was published May 24, 2023
Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full... High Unreviewed
CVE-2023-31759 was published May 24, 2023
Vulnerability of identity verification being bypassed in the storage module. Successful... High Unreviewed
CVE-2022-48507 was published Jul 6, 2023
Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an... High Unreviewed
CVE-2022-25836 was published Jul 6, 2023
Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an... High Unreviewed
CVE-2022-25837 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database