GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
126 advisories
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has...
High | Unreviewed | CVE-2023-0035 was published Jan 9, 2023
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an...
High | Unreviewed | CVE-2023-0036 was published Jan 9, 2023
The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same...
High | Unreviewed | CVE-2022-38766 was published Jan 3, 2023
An OpenPGP digital signature includes information about the date when the signature was created....
Moderate | Unreviewed | CVE-2022-2226 was published Dec 22, 2022
The ESL (Electronic Shelf Label) protocol, as implemented by (for example) the OV80e934802 RF...
Moderate | Unreviewed | CVE-2022-45914 was published Nov 27, 2022
Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover.
High | Unreviewed | CVE-2021-38827 was published Nov 14, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <...
Critical | Unreviewed | CVE-2022-44457 was published Nov 8, 2022
An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc...
High | Unreviewed | CVE-2022-29475 was published Oct 25, 2022
TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously...
High | Unreviewed | CVE-2022-41541 was published Oct 18, 2022
In affected versions of Octopus Server it is possible to use the Git Connectivity test function...
High | Unreviewed | CVE-2022-2780 was published Oct 14, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <...
Critical | Unreviewed | CVE-2022-37011 was published Sep 14, 2022
Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier...
High | Unreviewed | CVE-2022-40621 was published Sep 14, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles...
Moderate | Unreviewed | CVE-2022-37418 was published Aug 25, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows...
Moderate | Unreviewed | CVE-2022-37305 was published Aug 25, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Mazda vehicles through 2020 allows...
Moderate | Unreviewed | CVE-2022-36945 was published Aug 25, 2022
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to...
Moderate | Unreviewed | CVE-2022-29593 was published Jul 15, 2022
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ...
High | Unreviewed | CVE-2022-33208 was published Jul 5, 2022
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all...
High | Unreviewed | CVE-2022-34151 was published Jul 5, 2022
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7...
High | Unreviewed | CVE-2022-33971 was published Jul 5, 2022
Joy ebike Wolf Manufacturing year 2022 is vulnerable to Denial of service, which allows remote...
Moderate | Unreviewed | CVE-2022-30467 was published Jun 30, 2022
Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows...
High | Unreviewed | CVE-2022-31277 was published Jun 17, 2022
joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authentication Bypass by Capture...
Moderate | Unreviewed | CVE-2022-30466 was published Jun 8, 2022
The replay feature in the client in Wargaming World of Warships 0.11.4 allows remote attackers to...
High | Unreviewed | CVE-2022-31265 was published May 27, 2022
The data of a network capture of the initial handshake phase can be used to authenticate at a...
Critical | Unreviewed | CVE-2021-38459 was published May 24, 2022
Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g...
High | Unreviewed | CVE-2021-35067 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.