GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
144 advisories
Filter by severity
Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access...
High
Unreviewed
CVE-2023-31763
was published
May 24, 2023
GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request...
Moderate
Unreviewed
CVE-2023-33621
was published
Jun 13, 2023
SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which...
Critical
Unreviewed
CVE-2023-29158
was published
Jun 19, 2023
An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attackers to unlock a device via...
Moderate
Unreviewed
CVE-2023-34553
was published
Jun 22, 2023
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC...
Critical
Unreviewed
CVE-2023-2846
was published
Jun 30, 2023
Vulnerability of identity verification being bypassed in the storage module. Successful...
High
Unreviewed
CVE-2022-48507
was published
Jul 6, 2023
Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an...
High
Unreviewed
CVE-2022-25837
was published
Jul 6, 2023
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause...
Critical
Unreviewed
CVE-2022-45789
was published
Jul 6, 2023
ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass. The implementation...
High
Unreviewed
CVE-2023-34625
was published
Jul 20, 2023
A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay.
Moderate
Unreviewed
CVE-2023-39373
was published
Sep 3, 2023
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05
contains a replay...
Moderate
Unreviewed
CVE-2023-36857
was published
Oct 19, 2023
Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an...
High
Unreviewed
CVE-2022-25836
was published
Jul 6, 2023
Transmitted data is logged between the device and the backend service. An attacker could use...
Unknown
Unreviewed
CVE-2024-38284
was published
Jun 13, 2024
Replay Attack
in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows...
Critical
Unreviewed
CVE-2024-4009
was published
Jun 5, 2024
An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass...
Critical
Unreviewed
CVE-2023-47435
was published
Apr 19, 2024
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
High
Unreviewed
CVE-2024-29850
was published
May 23, 2024
D-Link -
CWE-294: Authentication Bypass by Capture-replay
Critical
Unreviewed
CVE-2024-38438
was published
Jul 21, 2024
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.
Moderate
Unreviewed
CVE-2024-5249
was published
Jul 30, 2024
Mengshen Wireless Door Alarm M70 2024-05-24 allows Authentication Bypass via a Capture-Replay...
Moderate
Unreviewed
CVE-2024-37016
was published
Jul 15, 2024
An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and...
High
Unreviewed
CVE-2024-38890
was published
Aug 2, 2024
An attacker with local access to machine where MicroSCADA X
SYS600 is installed, could enable the...
High
Unreviewed
CVE-2024-3982
was published
Aug 27, 2024
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has...
High
Unreviewed
CVE-2023-0035
was published
Jan 9, 2023
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an...
High
Unreviewed
CVE-2023-0036
was published
Jan 9, 2023
The session hijacking attack targets the application layer's control mechanism, which manages...
High
Unreviewed
CVE-2024-43099
was published
Sep 13, 2024
django-mfa2 vulnerable to MFA Replay attack
High
CVE-2022-42731
was published
for
django-mfa2
(pip)
Oct 11, 2022
ProTip!
Advisories are also available from the
GraphQL API