GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
143 advisories
Filter by severity
The remote keyless system of the Hozard alarm system (alarmsystemen) v1.0 sends an identical...
Moderate
Unreviewed
CVE-2023-50128
was published
Jan 11, 2024
Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3...
High
Unreviewed
CVE-2022-46480
was published
Dec 5, 2023
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X...
High
Unreviewed
CVE-2023-39547
was published
Nov 17, 2023
A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.4...
Moderate
Unreviewed
CVE-2023-45794
was published
Nov 14, 2023
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05
contains a replay...
Moderate
Unreviewed
CVE-2023-36857
was published
Oct 19, 2023
Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation
High
CVE-2023-41890
was published
for
Kentor.AuthServices
(NuGet)
Sep 20, 2023
A remote authentication bypass issue exists in some
OneView APIs.
Critical
Unreviewed
CVE-2023-30909
was published
Sep 14, 2023
A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay.
Moderate
Unreviewed
CVE-2023-39373
was published
Sep 3, 2023
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in...
High
Unreviewed
CVE-2023-20900
was published
Aug 31, 2023
ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass. The implementation...
High
Unreviewed
CVE-2023-34625
was published
Jul 20, 2023
Apache Linkis Authentication Bypass vulnerability
Critical
CVE-2023-27987
was published
for
org.apache.linkis:linkis
(Maven)
Jul 6, 2023
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause...
Critical
Unreviewed
CVE-2022-45789
was published
Jul 6, 2023
Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an...
High
Unreviewed
CVE-2022-25836
was published
Jul 6, 2023
Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an...
High
Unreviewed
CVE-2022-25837
was published
Jul 6, 2023
Vulnerability of identity verification being bypassed in the storage module. Successful...
High
Unreviewed
CVE-2022-48507
was published
Jul 6, 2023
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC...
Critical
Unreviewed
CVE-2023-2846
was published
Jun 30, 2023
An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attackers to unlock a device via...
Moderate
Unreviewed
CVE-2023-34553
was published
Jun 22, 2023
SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which...
Critical
Unreviewed
CVE-2023-29158
was published
Jun 19, 2023
GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request...
Moderate
Unreviewed
CVE-2023-33621
was published
Jun 13, 2023
Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows...
High
Unreviewed
CVE-2023-31761
was published
May 24, 2023
Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access...
High
Unreviewed
CVE-2023-31763
was published
May 24, 2023
Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows...
High
Unreviewed
CVE-2023-31762
was published
May 24, 2023
Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full...
High
Unreviewed
CVE-2023-31759
was published
May 24, 2023
The remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door...
Moderate
Unreviewed
CVE-2023-33281
was published
May 22, 2023
An issue was discovered in IO FinNet tss-lib before 2.0.0. The parameter ssid for defining a...
Unknown
Unreviewed
CVE-2022-47930
was published
Apr 21, 2023
ProTip!
Advisories are also available from the
GraphQL API