GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
46 advisories
Filter by severity
The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door...
Moderate
Unreviewed
CVE-2022-27254
was published
Mar 25, 2022
Improper Authorization vulnerability in Netop Vision Pro up to and including to 9.7.1 allows an...
Moderate
Unreviewed
CVE-2021-27195
was published
May 24, 2022
joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authentication Bypass by Capture...
Moderate
Unreviewed
CVE-2022-30466
was published
Jun 8, 2022
Joy ebike Wolf Manufacturing year 2022 is vulnerable to Denial of service, which allows remote...
Moderate
Unreviewed
CVE-2022-30467
was published
Jun 30, 2022
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to...
Moderate
Unreviewed
CVE-2022-29593
was published
Jul 15, 2022
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass...
Moderate
Unreviewed
CVE-2022-43704
was published
Jan 20, 2023
An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack...
Moderate
Unreviewed
CVE-2019-18199
was published
May 24, 2022
An OpenPGP digital signature includes information about the date when the signature was created....
Moderate
Unreviewed
CVE-2022-2226
was published
Dec 22, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles...
Moderate
Unreviewed
CVE-2022-37418
was published
Aug 25, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows...
Moderate
Unreviewed
CVE-2022-37305
was published
Aug 25, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Mazda vehicles through 2020 allows...
Moderate
Unreviewed
CVE-2022-36945
was published
Aug 25, 2022
A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4...
Moderate
Unreviewed
CVE-2019-11856
was published
May 24, 2022
Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in...
Moderate
Unreviewed
CVE-2020-12355
was published
May 24, 2022
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol...
Moderate
Unreviewed
CVE-2020-27269
was published
May 24, 2022
Western Digital iNAND devices through 2020-06-03 allow Authentication Bypass via a capture-replay...
Moderate
Unreviewed
CVE-2020-13799
was published
May 24, 2022
Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay...
Moderate
Unreviewed
CVE-2021-22267
was published
May 24, 2022
Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows...
Moderate
Unreviewed
CVE-2020-26172
was published
May 24, 2022
Incorrect access control in push notification service in Night Owl Smart Doorbell FW version...
Moderate
Unreviewed
CVE-2020-28713
was published
May 24, 2022
An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out,...
Moderate
Unreviewed
CVE-2020-23178
was published
May 24, 2022
An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2...
Moderate
Unreviewed
CVE-2021-40170
was published
Dec 16, 2021
oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass...
Moderate
Unreviewed
CVE-2018-16242
was published
May 13, 2022
The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is...
Moderate
Unreviewed
CVE-2021-46145
was published
Jan 7, 2022
GoAhead before 5.1.2 mishandles the nonce value during Digest authentication. This may permit...
Moderate
Unreviewed
CVE-2020-15688
was published
May 24, 2022
The ESL (Electronic Shelf Label) protocol, as implemented by (for example) the OV80e934802 RF...
Moderate
Unreviewed
CVE-2022-45914
was published
Nov 27, 2022
An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application...
Moderate
Unreviewed
CVE-2019-11334
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API