Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

142 advisories

Loading
thorsten/phpmyfaq vulnerable to authentication bypass High
CVE-2023-1886 was published for thorsten/phpmyfaq (Composer) Apr 5, 2023
Answer vulnerable to Authentication Bypass by Capture-replay Critical
CVE-2023-1537 was published for github.com/answerdev/answer (Go) Mar 21, 2023
Microsoft Outlook Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2023-23397 was published Mar 14, 2023
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass... Moderate Unreviewed
CVE-2022-43704 was published Jan 20, 2023
SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730,... Critical Unreviewed
CVE-2023-0014 was published Jan 10, 2023
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an... High Unreviewed
CVE-2023-0036 was published Jan 9, 2023
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has... High Unreviewed
CVE-2023-0035 was published Jan 9, 2023
The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same... High Unreviewed
CVE-2022-38766 was published Jan 3, 2023
An OpenPGP digital signature includes information about the date when the signature was created.... Moderate Unreviewed
CVE-2022-2226 was published Dec 22, 2022
The ESL (Electronic Shelf Label) protocol, as implemented by (for example) the OV80e934802 RF... Moderate Unreviewed
CVE-2022-45914 was published Nov 27, 2022
Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover. High Unreviewed
CVE-2021-38827 was published Nov 14, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <... Critical Unreviewed
CVE-2022-44457 was published Nov 8, 2022
An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc... High Unreviewed
CVE-2022-29475 was published Oct 25, 2022
TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously... High Unreviewed
CVE-2022-41541 was published Oct 18, 2022
In affected versions of Octopus Server it is possible to use the Git Connectivity test function... High Unreviewed
CVE-2022-2780 was published Oct 14, 2022
django-mfa2 vulnerable to MFA Replay attack High
CVE-2022-42731 was published for django-mfa2 (pip) Oct 11, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <... Critical Unreviewed
CVE-2022-37011 was published Sep 14, 2022
Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier... High Unreviewed
CVE-2022-40621 was published Sep 14, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles... Moderate Unreviewed
CVE-2022-37418 was published Aug 25, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows... Moderate Unreviewed
CVE-2022-37305 was published Aug 25, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Mazda vehicles through 2020 allows... Moderate Unreviewed
CVE-2022-36945 was published Aug 25, 2022
LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0 High
CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to... Moderate Unreviewed
CVE-2022-29593 was published Jul 15, 2022
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ... High Unreviewed
CVE-2022-33208 was published Jul 5, 2022
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7... High Unreviewed
CVE-2022-33971 was published Jul 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database