Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

167 advisories

Loading
A remote authentication bypass issue exists in some OneView APIs. Critical Unreviewed
CVE-2023-30909 was published Sep 14, 2023
 A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay. Moderate Unreviewed
CVE-2023-39373 was published Sep 3, 2023
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in... High Unreviewed
CVE-2023-20900 was published Aug 31, 2023
ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass. The implementation... High Unreviewed
CVE-2023-34625 was published Jul 20, 2023
Apache Linkis Authentication Bypass vulnerability Critical
CVE-2023-27987 was published for org.apache.linkis:linkis (Maven) Jul 6, 2023
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause... Critical Unreviewed
CVE-2022-45789 was published Jul 6, 2023
Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an... High Unreviewed
CVE-2022-25837 was published Jul 6, 2023
Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an... High Unreviewed
CVE-2022-25836 was published Jul 6, 2023
Vulnerability of identity verification being bypassed in the storage module. Successful... High Unreviewed
CVE-2022-48507 was published Jul 6, 2023
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC... Critical Unreviewed
CVE-2023-2846 was published Jun 30, 2023
An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attackers to unlock a device via... Moderate Unreviewed
CVE-2023-34553 was published Jun 22, 2023
SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which... Critical Unreviewed
CVE-2023-29158 was published Jun 19, 2023
GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request... Moderate Unreviewed
CVE-2023-33621 was published Jun 13, 2023
Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows... High Unreviewed
CVE-2023-31761 was published May 24, 2023
Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full... High Unreviewed
CVE-2023-31759 was published May 24, 2023
Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows... High Unreviewed
CVE-2023-31762 was published May 24, 2023
Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access... High Unreviewed
CVE-2023-31763 was published May 24, 2023
The remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door... Moderate Unreviewed
CVE-2023-33281 was published May 22, 2023
IO FinNet tss-lib vulnerable to replay attacks involving proofs Moderate
CVE-2022-47930 was published for github.com/binance-chain/tss-lib (Go) Apr 21, 2023
A vulnerability in the offline access mode of Cisco Duo Two-Factor Authentication for macOS and... Moderate Unreviewed
CVE-2023-20123 was published Apr 5, 2023
thorsten/phpmyfaq vulnerable to authentication bypass High
CVE-2023-1886 was published for thorsten/phpmyfaq (Composer) Apr 5, 2023
Answer vulnerable to Authentication Bypass by Capture-replay Critical
CVE-2023-1537 was published for github.com/answerdev/answer (Go) Mar 21, 2023
Microsoft Outlook Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2023-23397 was published Mar 14, 2023
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass... Moderate Unreviewed
CVE-2022-43704 was published Jan 20, 2023
SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730,... Critical Unreviewed
CVE-2023-0014 was published Jan 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database