GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
165 advisories
Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a door by replaying an Unlock...
Moderate, Unreviewed, CVE-2020-9438 was published May 24, 2022

The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open...
Low, Unreviewed, CVE-2019-20626 was published May 24, 2022

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack...
Moderate, Unreviewed, CVE-2019-18199 was published May 24, 2022

LinOTP replay vulnerability with auto resynchronization enabled for TOTP token
Critical, CVE-2019-12887 was published for LinOTP (pip) May 24, 2022

An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application...
Moderate, Unreviewed, CVE-2019-11334 was published May 24, 2022

Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control.
Moderate, Unreviewed, CVE-2019-9158 was published May 24, 2022

Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and...
Moderate, Unreviewed, CVE-2019-5307 was published May 24, 2022

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All...
High, Unreviewed, CVE-2022-29878 was published May 21, 2022

oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass...
Moderate, Unreviewed, CVE-2018-16242 was published May 13, 2022

YSoft SafeQ Server 6 allows a replay attack.
High, Unreviewed, CVE-2018-15498 was published May 13, 2022

Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level...
High, Unreviewed, CVE-2017-6823 was published May 13, 2022

Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to...
High, Unreviewed, CVE-2017-11786 was published May 13, 2022

D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to...
Critical, Unreviewed, CVE-2017-3191 was published May 13, 2022

An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon...
Critical, Unreviewed, CVE-2017-6034 was published May 13, 2022

Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723...
Moderate, Unreviewed, CVE-2018-14781 was published May 13, 2022

All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence...
High, Unreviewed, CVE-2018-7356 was published May 13, 2022

Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100)...
High, Unreviewed, CVE-2019-3915 was published May 13, 2022

A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode...
High, Unreviewed, CVE-2018-17176 was published May 13, 2022

All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are...
High, Unreviewed, CVE-2018-17935 was published May 13, 2022

SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command...
Critical, Unreviewed, CVE-2018-17903 was published May 13, 2022

The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control,...
Critical, Unreviewed, CVE-2019-9659 was published May 13, 2022

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product...
Critical, Unreviewed, CVE-2018-7790 was published May 13, 2022

SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange...
High, Unreviewed, CVE-2002-0054 was published Apr 30, 2022

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to a Replay Attack to...
High, Unreviewed, CVE-2020-27374 was published Apr 8, 2022

Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric...
High, Unreviewed, CVE-2022-25155 was published Apr 3, 2022