Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20 advisories

Loading
An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7... Critical Unreviewed
CVE-2021-41030 was published Dec 9, 2021
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an... Critical Unreviewed
CVE-2022-22806 was published Mar 10, 2022
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product... Critical Unreviewed
CVE-2018-7790 was published May 13, 2022
The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control,... Critical Unreviewed
CVE-2019-9659 was published May 13, 2022
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command... Critical Unreviewed
CVE-2018-17903 was published May 13, 2022
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to... Critical Unreviewed
CVE-2017-3191 was published May 13, 2022
JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable... Critical Unreviewed
CVE-2018-17932 was published May 24, 2022
In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command,... Critical Unreviewed
CVE-2018-19025 was published May 24, 2022
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos... Critical Unreviewed
CVE-2020-35551 was published May 24, 2022
The data of a network capture of the initial handshake phase can be used to authenticate at a... Critical Unreviewed
CVE-2021-38459 was published May 24, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <... Critical Unreviewed
CVE-2022-37011 was published Sep 14, 2022
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <... Critical Unreviewed
CVE-2022-44457 was published Nov 8, 2022
SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730,... Critical Unreviewed
CVE-2023-0014 was published Jan 10, 2023
Microsoft Outlook Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2023-23397 was published Mar 14, 2023
SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which... Critical Unreviewed
CVE-2023-29158 was published Jun 19, 2023
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC... Critical Unreviewed
CVE-2023-2846 was published Jun 30, 2023
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause... Critical Unreviewed
CVE-2022-45789 was published Jul 6, 2023
An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass... Critical Unreviewed
CVE-2023-47435 was published Apr 19, 2024
Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows... Critical Unreviewed
CVE-2024-4009 was published Jun 5, 2024
D-Link - CWE-294: Authentication Bypass by Capture-replay Critical Unreviewed
CVE-2024-38438 was published Jul 21, 2024
ProTip! Advisories are also available from the GraphQL API