GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,266

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

138 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Authentication Bypass by Capture-replay vulnerability in Drupal One Time Password allows Remote... Moderate Unreviewed

CVE-2025-48012 was published May 21, 2025

Tiiwee X1 Alarm System TWX1HAKV2 allows Authentication Bypass by Capture-replay, leading to... High Unreviewed

CVE-2025-30072 was published May 19, 2025

Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA - TFA for Drupal... Moderate Unreviewed

CVE-2025-47706 was published May 14, 2025

A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix ... Critical Unreviewed

CVE-2021-27289 was published Apr 15, 2025

Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028... High Unreviewed

CVE-2024-12137 was published Mar 19, 2025

SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This... High Unreviewed

CVE-2025-1887 was published Mar 7, 2025

Credential disclosure vulnerability via the /staff route in GreaterWMS <= 2.1.49 allows a remote... Critical Unreviewed

CVE-2025-26201 was published Feb 24, 2025

The login mechanism via device authentication of CGFIDO from Changing Information Technology has... High Unreviewed

CVE-2024-12839 was published Dec 31, 2024

Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay... Moderate Unreviewed

CVE-2024-52534 was published Dec 25, 2024

Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by... High Unreviewed

CVE-2024-49595 was published Nov 26, 2024

In the development options section of the Settings app, there is a possible authentication bypass... High Unreviewed

CVE-2018-9477 was published Nov 20, 2024

Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail to protect the mfa code against... Low Unreviewed

CVE-2024-36250 was published Nov 9, 2024

A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which... High Unreviewed

CVE-2024-40715 was published Nov 7, 2024

There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service... High Unreviewed

CVE-2024-22066 was published Oct 29, 2024

IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay. High Unreviewed

CVE-2024-46041 was published Oct 7, 2024

An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack... Moderate Unreviewed

CVE-2024-39081 was published Sep 18, 2024

The session hijacking attack targets the application layer's control mechanism, which manages... High Unreviewed

CVE-2024-43099 was published Sep 13, 2024

An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the... High Unreviewed

CVE-2024-3982 was published Aug 27, 2024

An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and... High Unreviewed

CVE-2024-38890 was published Aug 2, 2024

In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed. Moderate Unreviewed

CVE-2024-5249 was published Jul 30, 2024

D-Link - CWE-294: Authentication Bypass by Capture-replay Critical Unreviewed

CVE-2024-38438 was published Jul 21, 2024

Mengshen Wireless Door Alarm M70 2024-05-24 allows Authentication Bypass via a Capture-Replay... Moderate Unreviewed

CVE-2024-37016 was published Jul 15, 2024

There exists a vulnerability in Quickshare/Nearby where an attacker can bypass the accept file... High Unreviewed

CVE-2024-38272 was published Jun 26, 2024

Transmitted data is logged between the device and the backend service. An attacker could use... Unknown Unreviewed

CVE-2024-38284 was published Jun 13, 2024

Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows... Critical Unreviewed

CVE-2024-4009 was published Jun 5, 2024

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

138 advisories