GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,028
Composer 4,876
Erlang 37
GitHub Actions 37
Go 2,526
Maven 5,976
npm 4,188
NuGet 741
pip 3,968
Pub 12
RubyGems 947
Rust 1,030
Swift 39

Unreviewed advisories

All unreviewed 271,290

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

168 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730,... Critical Unreviewed

CVE-2023-0014 was published Jan 10, 2023

platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an... High Unreviewed

CVE-2023-0036 was published Jan 9, 2023

softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has... High Unreviewed

CVE-2023-0035 was published Jan 9, 2023

The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same... High Unreviewed

CVE-2022-38766 was published Jan 3, 2023

An OpenPGP digital signature includes information about the date when the signature was created.... Moderate Unreviewed

CVE-2022-2226 was published Dec 22, 2022

The ESL (Electronic Shelf Label) protocol, as implemented by (for example) the OV80e934802 RF... Moderate Unreviewed

CVE-2022-45914 was published Nov 27, 2022

Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover. High Unreviewed

CVE-2021-38827 was published Nov 14, 2022

The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this... High Unreviewed

CVE-2022-44555 was published Nov 10, 2022

A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <... Critical Unreviewed

CVE-2022-44457 was published Nov 8, 2022

An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc... High Unreviewed

CVE-2022-29475 was published Oct 25, 2022

TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously... High Unreviewed

CVE-2022-41541 was published Oct 18, 2022

In affected versions of Octopus Server it is possible to use the Git Connectivity test function... High Unreviewed

CVE-2022-2780 was published Oct 14, 2022

django-mfa2 vulnerable to MFA Replay attack High

CVE-2022-42731 was published for django-mfa2 (pip) Oct 11, 2022

There is a traffic hijacking vulnerability in WS7200-10 11.0.2.13. Successful exploitation of... Moderate Unreviewed

CVE-2021-46835 was published Sep 21, 2022

A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <... Critical Unreviewed

CVE-2022-37011 was published Sep 14, 2022

Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier... High Unreviewed

CVE-2022-40621 was published Sep 14, 2022

The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles... Moderate Unreviewed

CVE-2022-37418 was published Aug 25, 2022

The Remote Keyless Entry (RKE) receiving unit on certain Mazda vehicles through 2020 allows... Moderate Unreviewed

CVE-2022-36945 was published Aug 25, 2022

The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows... Moderate Unreviewed

CVE-2022-37305 was published Aug 25, 2022

An attacker can decrypt the Ovarro TBox login password by communication capture and brute force... Critical Unreviewed

CVE-2021-22640 was published Jul 29, 2022

LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0 High

CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022

relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to... Moderate Unreviewed

CVE-2022-29593 was published Jul 15, 2022

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ... High Unreviewed

CVE-2022-33208 was published Jul 5, 2022

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7... High Unreviewed

CVE-2022-33971 was published Jul 5, 2022

Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all... High Unreviewed

CVE-2022-34151 was published Jul 5, 2022

Previous 1…4…7 Next

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

168 advisories