Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,950
Erlang
39
GitHub Actions
38
Go
2,603
Maven
5,000+
npm
4,250
NuGet
755
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+

172 advisories

Loading
A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants) (All... High Unreviewed
CVE-2011-20002 was published Oct 14, 2025
Newforma Info Exchange (NIX) '/UserWeb/Common/MarkupServices.ashx' allows a remote,... High Unreviewed
CVE-2025-35058 was published Oct 9, 2025
Newforma Info Exchange (NIX) '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' allows a remote,... High Unreviewed
CVE-2025-35061 was published Oct 9, 2025
Newforma Info Exchange (NIX) '/RemoteWeb/IntegrationServices.ashx' allows a remote,... Moderate Unreviewed
CVE-2025-35057 was published Oct 9, 2025
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port... High Unreviewed
CVE-2025-54810 was published Sep 19, 2025
The Positron PX360BT SW REV 8 car alarm system is vulnerable to a replay attack due to a failure... Moderate Unreviewed
CVE-2025-56448 was published Sep 15, 2025
A weakness identified in OpenText Advanced Authentication where a Malicious browser plugin can... Moderate Unreviewed
CVE-2025-8616 was published Aug 6, 2025
Dradis through 4.16.0 allows referencing external images (resources) over HTTPS, instead of... Moderate Unreviewed
CVE-2023-50786 was published Jul 5, 2025
Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by... High Unreviewed
CVE-2025-36593 was published Jun 30, 2025
Taylored webhook validation vulnerabilities Critical
GHSA-8g98-m4j9-qww5 was published for taylored (npm) Jun 18, 2025
Use of fixed learning codes, one code to lock the car and the other code to unlock it, the Key... Critical Unreviewed
CVE-2025-6029 was published Jun 13, 2025
Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key... Critical Unreviewed
CVE-2025-6030 was published Jun 13, 2025
Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport. Low Unreviewed
CVE-2024-38823 was published Jun 13, 2025
Authentication Bypass by Capture-replay vulnerability in Drupal One Time Password allows Remote... Moderate Unreviewed
CVE-2025-48012 was published May 21, 2025
Tiiwee X1 Alarm System TWX1HAKV2 allows Authentication Bypass by Capture-replay, leading to... High Unreviewed
CVE-2025-30072 was published May 19, 2025
Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA - TFA for Drupal... Moderate Unreviewed
CVE-2025-47706 was published May 14, 2025
ZITADEL Allows IdP Intent Token Reuse High
CVE-2025-46815 was published for github.com/zitadel/zitadel (Go) May 6, 2025
cfx livio-a
fforootd
Credited to cfx, livio-a, and fforootd
A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix ... Critical Unreviewed
CVE-2021-27289 was published Apr 15, 2025
Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028... High Unreviewed
CVE-2024-12137 was published Mar 19, 2025
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This... High Unreviewed
CVE-2025-1887 was published Mar 7, 2025
Credential disclosure vulnerability via the /staff route in GreaterWMS <= 2.1.49 allows a remote... Critical Unreviewed
CVE-2025-26201 was published Feb 24, 2025
The login mechanism via device authentication of CGFIDO from Changing Information Technology has... High Unreviewed
CVE-2024-12839 was published Dec 31, 2024
Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay... Moderate Unreviewed
CVE-2024-52534 was published Dec 25, 2024
Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by... High Unreviewed
CVE-2024-49595 was published Nov 26, 2024
In the development options section of the Settings app, there is a possible authentication bypass... High Unreviewed
CVE-2018-9477 was published Nov 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database