Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

66 advisories

Loading
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric MELSEC iQ-F series... High Unreviewed
CVE-2022-25159 was published Apr 3, 2022
Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric... High Unreviewed
CVE-2022-25155 was published Apr 3, 2022
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to a Replay Attack to... High Unreviewed
CVE-2020-27374 was published Apr 8, 2022
The replay feature in the client in Wargaming World of Warships 0.11.4 allows remote attackers to... High Unreviewed
CVE-2022-31265 was published May 27, 2022
Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows... High Unreviewed
CVE-2022-31277 was published Jun 17, 2022
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all... High Unreviewed
CVE-2022-34151 was published Jul 5, 2022
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ... High Unreviewed
CVE-2022-33208 was published Jul 5, 2022
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7... High Unreviewed
CVE-2022-33971 was published Jul 5, 2022
LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0 High
CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022
Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier... High Unreviewed
CVE-2022-40621 was published Sep 14, 2022
Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover. High Unreviewed
CVE-2021-38827 was published Nov 14, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All... High Unreviewed
CVE-2022-29878 was published May 21, 2022
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2... High Unreviewed
CVE-2020-25660 was published May 24, 2022
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2... High Unreviewed
CVE-2020-15931 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25229 was published May 24, 2022
Windows NTLM Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-31958 was published May 24, 2022
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur... High Unreviewed
CVE-2021-27572 was published May 24, 2022
The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker... High Unreviewed
CVE-2021-27662 was published May 24, 2022
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem... High Unreviewed
CVE-2021-25480 was published May 24, 2022
Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g... High Unreviewed
CVE-2021-35067 was published May 24, 2022
An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc... High Unreviewed
CVE-2022-29475 was published Oct 25, 2022
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange... High Unreviewed
CVE-2002-0054 was published Apr 30, 2022
In affected versions of Octopus Server it is possible to use the Git Connectivity test function... High Unreviewed
CVE-2022-2780 was published Oct 14, 2022
Missing Token Replay Detection in Saml2 Authentication services for ASP.NET High
CVE-2020-5261 was published for Sustainsys.Saml2 (NuGet) Mar 25, 2020
All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are... High Unreviewed
CVE-2018-17935 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database