GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
123 advisories
Filter by severity
An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7...
Critical
Unreviewed
CVE-2021-41030
was published
Dec 9, 2021
An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2...
Moderate
Unreviewed
CVE-2021-40170
was published
Dec 16, 2021
The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is...
Moderate
Unreviewed
CVE-2021-46145
was published
Jan 7, 2022
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing (for...
High
Unreviewed
CVE-2021-39364
was published
Feb 25, 2022
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an...
Critical
Unreviewed
CVE-2022-22806
was published
Mar 10, 2022
The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door...
Moderate
Unreviewed
CVE-2022-27254
was published
Mar 25, 2022
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric MELSEC iQ-F series...
High
Unreviewed
CVE-2022-25159
was published
Apr 3, 2022
Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric...
High
Unreviewed
CVE-2022-25155
was published
Apr 3, 2022
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to a Replay Attack to...
High
Unreviewed
CVE-2020-27374
was published
Apr 8, 2022
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange...
High
Unreviewed
CVE-2002-0054
was published
Apr 30, 2022
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product...
Critical
Unreviewed
CVE-2018-7790
was published
May 13, 2022
The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control,...
Critical
Unreviewed
CVE-2019-9659
was published
May 13, 2022
All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are...
High
Unreviewed
CVE-2018-17935
was published
May 13, 2022
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command...
Critical
Unreviewed
CVE-2018-17903
was published
May 13, 2022
A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode...
High
Unreviewed
CVE-2018-17176
was published
May 13, 2022
Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100)...
High
Unreviewed
CVE-2019-3915
was published
May 13, 2022
All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence...
High
Unreviewed
CVE-2018-7356
was published
May 13, 2022
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to...
Critical
Unreviewed
CVE-2017-3191
was published
May 13, 2022
Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to...
High
Unreviewed
CVE-2017-11786
was published
May 13, 2022
Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level...
High
Unreviewed
CVE-2017-6823
was published
May 13, 2022
YSoft SafeQ Server 6 allows a replay attack.
High
Unreviewed
CVE-2018-15498
was published
May 13, 2022
oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass...
Moderate
Unreviewed
CVE-2018-16242
was published
May 13, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All...
High
Unreviewed
CVE-2022-29878
was published
May 21, 2022
Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and...
Moderate
Unreviewed
CVE-2019-5307
was published
May 24, 2022
Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control.
Moderate
Unreviewed
CVE-2019-9158
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API