Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

143 advisories

Loading
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7... High Unreviewed
CVE-2022-33971 was published Jul 5, 2022
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ... High Unreviewed
CVE-2022-33208 was published Jul 5, 2022
Joy ebike Wolf Manufacturing year 2022 is vulnerable to Denial of service, which allows remote... Moderate Unreviewed
CVE-2022-30467 was published Jun 30, 2022
Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows... High Unreviewed
CVE-2022-31277 was published Jun 17, 2022
joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authentication Bypass by Capture... Moderate Unreviewed
CVE-2022-30466 was published Jun 8, 2022
The replay feature in the client in Wargaming World of Warships 0.11.4 allows remote attackers to... High Unreviewed
CVE-2022-31265 was published May 27, 2022
The data of a network capture of the initial handshake phase can be used to authenticate at a... Critical Unreviewed
CVE-2021-38459 was published May 24, 2022
Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g... High Unreviewed
CVE-2021-35067 was published May 24, 2022
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem... High Unreviewed
CVE-2021-25480 was published May 24, 2022
The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker... High Unreviewed
CVE-2021-27662 was published May 24, 2022
An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out,... Moderate Unreviewed
CVE-2020-23178 was published May 24, 2022
Windows NTLM Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-31958 was published May 24, 2022
Incorrect access control in push notification service in Night Owl Smart Doorbell FW version... Moderate Unreviewed
CVE-2020-28713 was published May 24, 2022
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur... High Unreviewed
CVE-2021-27572 was published May 24, 2022
Improper Authorization vulnerability in Netop Vision Pro up to and including to 9.7.1 allows an... Moderate Unreviewed
CVE-2021-27195 was published May 24, 2022
Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay... Moderate Unreviewed
CVE-2021-22267 was published May 24, 2022
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol... Moderate Unreviewed
CVE-2020-27269 was published May 24, 2022
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos... Critical Unreviewed
CVE-2020-35551 was published May 24, 2022
Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows... Moderate Unreviewed
CVE-2020-26172 was published May 24, 2022
A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful... Moderate Unreviewed
CVE-2020-14302 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25229 was published May 24, 2022
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2... High Unreviewed
CVE-2020-25660 was published May 24, 2022
Western Digital iNAND devices through 2020-06-03 allow Authentication Bypass via a capture-replay... Moderate Unreviewed
CVE-2020-13799 was published May 24, 2022
Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in... Moderate Unreviewed
CVE-2020-12355 was published May 24, 2022
In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command,... Critical Unreviewed
CVE-2018-19025 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database