GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
22 advisories
Filter by severity
An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7...
Critical
Unreviewed
CVE-2021-41030
was published
Dec 9, 2021
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an...
Critical
Unreviewed
CVE-2022-22806
was published
Mar 10, 2022
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product...
Critical
Unreviewed
CVE-2018-7790
was published
May 13, 2022
The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control,...
Critical
Unreviewed
CVE-2019-9659
was published
May 13, 2022
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command...
Critical
Unreviewed
CVE-2018-17903
was published
May 13, 2022
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to...
Critical
Unreviewed
CVE-2017-3191
was published
May 13, 2022
JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable...
Critical
Unreviewed
CVE-2018-17932
was published
May 24, 2022
In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command,...
Critical
Unreviewed
CVE-2018-19025
was published
May 24, 2022
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos...
Critical
Unreviewed
CVE-2020-35551
was published
May 24, 2022
The data of a network capture of the initial handshake phase can be used to authenticate at a...
Critical
Unreviewed
CVE-2021-38459
was published
May 24, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <...
Critical
Unreviewed
CVE-2022-37011
was published
Sep 14, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <...
Critical
Unreviewed
CVE-2022-44457
was published
Nov 8, 2022
SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730,...
Critical
Unreviewed
CVE-2023-0014
was published
Jan 10, 2023
Microsoft Outlook Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2023-23397
was published
Mar 14, 2023
SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which...
Critical
Unreviewed
CVE-2023-29158
was published
Jun 19, 2023
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC...
Critical
Unreviewed
CVE-2023-2846
was published
Jun 30, 2023
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause...
Critical
Unreviewed
CVE-2022-45789
was published
Jul 6, 2023
A remote authentication bypass issue exists in some
OneView APIs.
Critical
Unreviewed
CVE-2023-30909
was published
Sep 14, 2023
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an...
Critical
Unreviewed
CVE-2023-49231
was published
Mar 29, 2024
An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass...
Critical
Unreviewed
CVE-2023-47435
was published
Apr 19, 2024
Replay Attack
in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows...
Critical
Unreviewed
CVE-2024-4009
was published
Jun 5, 2024
D-Link -
CWE-294: Authentication Bypass by Capture-replay
Critical
Unreviewed
CVE-2024-38438
was published
Jul 21, 2024
ProTip!
Advisories are also available from the
GraphQL API