Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

52 advisories

Loading
The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door... Moderate Unreviewed
CVE-2022-27254 was published Mar 25, 2022
Improper Authorization vulnerability in Netop Vision Pro up to and including to 9.7.1 allows an... Moderate Unreviewed
CVE-2021-27195 was published May 24, 2022
joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authentication Bypass by Capture... Moderate Unreviewed
CVE-2022-30466 was published Jun 8, 2022
Joy ebike Wolf Manufacturing year 2022 is vulnerable to Denial of service, which allows remote... Moderate Unreviewed
CVE-2022-30467 was published Jun 30, 2022
An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack... Moderate Unreviewed
CVE-2019-18199 was published May 24, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles... Moderate Unreviewed
CVE-2022-37418 was published Aug 25, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows... Moderate Unreviewed
CVE-2022-37305 was published Aug 25, 2022
The Remote Keyless Entry (RKE) receiving unit on certain Mazda vehicles through 2020 allows... Moderate Unreviewed
CVE-2022-36945 was published Aug 25, 2022
A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4... Moderate Unreviewed
CVE-2019-11856 was published May 24, 2022
Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in... Moderate Unreviewed
CVE-2020-12355 was published May 24, 2022
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol... Moderate Unreviewed
CVE-2020-27269 was published May 24, 2022
Western Digital iNAND devices through 2020-06-03 allow Authentication Bypass via a capture-replay... Moderate Unreviewed
CVE-2020-13799 was published May 24, 2022
Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay... Moderate Unreviewed
CVE-2021-22267 was published May 24, 2022
Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows... Moderate Unreviewed
CVE-2020-26172 was published May 24, 2022
Incorrect access control in push notification service in Night Owl Smart Doorbell FW version... Moderate Unreviewed
CVE-2020-28713 was published May 24, 2022
An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out,... Moderate Unreviewed
CVE-2020-23178 was published May 24, 2022
An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2... Moderate Unreviewed
CVE-2021-40170 was published Dec 16, 2021
oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass... Moderate Unreviewed
CVE-2018-16242 was published May 13, 2022
The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is... Moderate Unreviewed
CVE-2021-46145 was published Jan 7, 2022
GoAhead before 5.1.2 mishandles the nonce value during Digest authentication. This may permit... Moderate Unreviewed
CVE-2020-15688 was published May 24, 2022
The ESL (Electronic Shelf Label) protocol, as implemented by (for example) the OV80e934802 RF... Moderate Unreviewed
CVE-2022-45914 was published Nov 27, 2022
An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application... Moderate Unreviewed
CVE-2019-11334 was published May 24, 2022
A vulnerability in the offline access mode of Cisco Duo Two-Factor Authentication for macOS and... Moderate Unreviewed
CVE-2023-20123 was published Apr 5, 2023
Authentication Bypass in hydra Moderate
CVE-2020-5300 was published for github.com/ory/hydra (Go) May 27, 2021
cedricvanrompay
A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.4... Moderate Unreviewed
CVE-2023-45794 was published Nov 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database