GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,266

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

138 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

There is a traffic hijacking vulnerability in WS7200-10 11.0.2.13. Successful exploitation of... Moderate Unreviewed

CVE-2021-46835 was published Sep 21, 2022

Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723... Moderate Unreviewed

CVE-2018-14781 was published May 13, 2022

Authentication Bypass by Capture-replay vulnerability in Drupal One Time Password allows Remote... Moderate Unreviewed

CVE-2025-48012 was published May 21, 2025

Tiiwee X1 Alarm System TWX1HAKV2 allows Authentication Bypass by Capture-replay, leading to... High Unreviewed

CVE-2025-30072 was published May 19, 2025

Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA - TFA for Drupal... Moderate Unreviewed

CVE-2025-47706 was published May 14, 2025

In affected versions of Octopus Server it is possible to use the Git Connectivity test function... High Unreviewed

CVE-2022-2780 was published Oct 14, 2022

relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to... Moderate Unreviewed

CVE-2022-29593 was published Jul 15, 2022

The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this... High Unreviewed

CVE-2022-44555 was published Nov 10, 2022

D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to... Critical Unreviewed

CVE-2017-3191 was published May 13, 2022

An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon... Critical Unreviewed

CVE-2017-6034 was published May 13, 2022

Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level... High Unreviewed

CVE-2017-6823 was published May 13, 2022

An attacker can decrypt the Ovarro TBox login password by communication capture and brute force... Critical Unreviewed

CVE-2021-22640 was published Jul 29, 2022

A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix ... Critical Unreviewed

CVE-2021-27289 was published Apr 15, 2025

An OpenPGP digital signature includes information about the date when the signature was created.... Moderate Unreviewed

CVE-2022-2226 was published Dec 22, 2022

The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass... Moderate Unreviewed

CVE-2022-43704 was published Jan 20, 2023

Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows... Critical Unreviewed

CVE-2024-4009 was published Jun 5, 2024

A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which... High Unreviewed

CVE-2024-40715 was published Nov 7, 2024

Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028... High Unreviewed

CVE-2024-12137 was published Mar 19, 2025

Microsoft Outlook Elevation of Privilege Vulnerability Critical Unreviewed

CVE-2023-23397 was published Mar 14, 2023

SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This... High Unreviewed

CVE-2025-1887 was published Mar 7, 2025

Credential disclosure vulnerability via the /staff route in GreaterWMS <= 2.1.49 allows a remote... Critical Unreviewed

CVE-2025-26201 was published Feb 24, 2025

The login mechanism via device authentication of CGFIDO from Changing Information Technology has... High Unreviewed

CVE-2024-12839 was published Dec 31, 2024

Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay... Moderate Unreviewed

CVE-2024-52534 was published Dec 25, 2024

In the development options section of the Settings app, there is a possible authentication bypass... High Unreviewed

CVE-2018-9477 was published Nov 20, 2024

Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by... High Unreviewed

CVE-2024-49595 was published Nov 26, 2024

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

138 advisories