Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,792
Erlang
36
GitHub Actions
29
Go
2,377
Maven
5,000+
npm
4,002
NuGet
720
pip
3,802
Pub
12
RubyGems
927
Rust
984
Swift
38
Unreviewed advisories
All unreviewed
5,000+

165 advisories

Loading
The replay feature in the client in Wargaming World of Warships 0.11.4 allows remote attackers to... High Unreviewed
CVE-2022-31265 was published May 27, 2022
The data of a network capture of the initial handshake phase can be used to authenticate at a... Critical Unreviewed
CVE-2021-38459 was published May 24, 2022
Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g... High Unreviewed
CVE-2021-35067 was published May 24, 2022
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem... High Unreviewed
CVE-2021-25480 was published May 24, 2022
The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker... High Unreviewed
CVE-2021-27662 was published May 24, 2022
An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out,... Moderate Unreviewed
CVE-2020-23178 was published May 24, 2022
Windows NTLM Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-31958 was published May 24, 2022
Incorrect access control in push notification service in Night Owl Smart Doorbell FW version... Moderate Unreviewed
CVE-2020-28713 was published May 24, 2022
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur... High Unreviewed
CVE-2021-27572 was published May 24, 2022
Improper Authorization vulnerability in Netop Vision Pro up to and including to 9.7.1 allows an... Moderate Unreviewed
CVE-2021-27195 was published May 24, 2022
Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay... Moderate Unreviewed
CVE-2021-22267 was published May 24, 2022
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol... Moderate Unreviewed
CVE-2020-27269 was published May 24, 2022
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos... Critical Unreviewed
CVE-2020-35551 was published May 24, 2022
Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows... Moderate Unreviewed
CVE-2020-26172 was published May 24, 2022
A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful... Moderate Unreviewed
CVE-2020-14302 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25229 was published May 24, 2022
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2... High Unreviewed
CVE-2020-25660 was published May 24, 2022
Western Digital iNAND devices through 2020-06-03 allow Authentication Bypass via a capture-replay... Moderate Unreviewed
CVE-2020-13799 was published May 24, 2022
Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in... Moderate Unreviewed
CVE-2020-12355 was published May 24, 2022
In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command,... Critical Unreviewed
CVE-2018-19025 was published May 24, 2022
JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable... Critical Unreviewed
CVE-2018-17932 was published May 24, 2022
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2... High Unreviewed
CVE-2020-15931 was published May 24, 2022
** DISPUTED ** An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications)... Moderate Unreviewed
CVE-2020-24722 was published May 24, 2022
A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4... Moderate Unreviewed
CVE-2019-11856 was published May 24, 2022
GoAhead before 5.1.2 mishandles the nonce value during Digest authentication. This may permit... Moderate Unreviewed
CVE-2020-15688 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database