Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,792
Erlang
36
GitHub Actions
29
Go
2,377
Maven
5,000+
npm
4,002
NuGet
720
pip
3,802
Pub
12
RubyGems
927
Rust
984
Swift
38
Unreviewed advisories
All unreviewed
5,000+

165 advisories

Loading
The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same... High Unreviewed
CVE-2022-38766 was published Jan 3, 2023
An OpenPGP digital signature includes information about the date when the signature was created.... Moderate Unreviewed
CVE-2022-2226 was published Dec 22, 2022
The ESL (Electronic Shelf Label) protocol, as implemented by (for example) the OV80e934802 RF... Moderate Unreviewed
CVE-2022-45914 was published Nov 27, 2022
Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover. High Unreviewed
CVE-2021-38827 was published Nov 14, 2022
The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this... High Unreviewed
CVE-2022-44555 was published Nov 10, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <... Critical Unreviewed
CVE-2022-44457 was published Nov 8, 2022
An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc... High Unreviewed
CVE-2022-29475 was published Oct 25, 2022
TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously... High Unreviewed
CVE-2022-41541 was published Oct 18, 2022
In affected versions of Octopus Server it is possible to use the Git Connectivity test function... High Unreviewed
CVE-2022-2780 was published Oct 14, 2022
django-mfa2 vulnerable to MFA Replay attack High
CVE-2022-42731 was published for django-mfa2 (pip) Oct 11, 2022
There is a traffic hijacking vulnerability in WS7200-10 11.0.2.13. Successful exploitation of... Moderate Unreviewed
CVE-2021-46835 was published Sep 21, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <... Critical Unreviewed
CVE-2022-37011 was published Sep 14, 2022
Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier... High Unreviewed
CVE-2022-40621 was published Sep 14, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Mazda vehicles through 2020 allows... Moderate Unreviewed
CVE-2022-36945 was published Aug 25, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows... Moderate Unreviewed
CVE-2022-37305 was published Aug 25, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles... Moderate Unreviewed
CVE-2022-37418 was published Aug 25, 2022
An attacker can decrypt the Ovarro TBox login password by communication capture and brute force... Critical Unreviewed
CVE-2021-22640 was published Jul 29, 2022
LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0 High
CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to... Moderate Unreviewed
CVE-2022-29593 was published Jul 15, 2022
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all... High Unreviewed
CVE-2022-34151 was published Jul 5, 2022
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7... High Unreviewed
CVE-2022-33971 was published Jul 5, 2022
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ... High Unreviewed
CVE-2022-33208 was published Jul 5, 2022
Joy ebike Wolf Manufacturing year 2022 is vulnerable to Denial of service, which allows remote... Moderate Unreviewed
CVE-2022-30467 was published Jun 30, 2022
Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows... High Unreviewed
CVE-2022-31277 was published Jun 17, 2022
joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authentication Bypass by Capture... Moderate Unreviewed
CVE-2022-30466 was published Jun 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database