GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,776
Composer 5,036
Erlang 39
GitHub Actions 38
Go 2,680
Maven 6,124
npm 4,308
NuGet 760
pip 4,081
Pub 12
RubyGems 958
Rust 1,061
Swift 45

Unreviewed advisories

All unreviewed 278,323

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

130 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an... Moderate Unreviewed

CVE-2019-1736 was published May 24, 2022

A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the... Moderate Unreviewed

CVE-2020-10759 was published May 24, 2022

In OASIS Digital Signature Services (DSS) 1.0, an attacker can control the validation outcome (i... Moderate Unreviewed

CVE-2020-13101 was published May 24, 2022

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot... Moderate Unreviewed

CVE-2020-15705 was published May 24, 2022

An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer... Moderate Unreviewed

CVE-2020-12244 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense ... Moderate Unreviewed

CVE-2020-3308 was published May 24, 2022

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improper Verification of... Moderate Unreviewed

CVE-2019-3738 was published May 24, 2022

Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the... Moderate Unreviewed

CVE-2019-5592 was published May 24, 2022

cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement... Moderate Unreviewed

CVE-2017-18407 was published May 24, 2022

Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client... Moderate Unreviewed

CVE-2019-9149 was published May 24, 2022

It was found that Spacewalk, all versions through 2.8, did not safely compute client token... Moderate Unreviewed

CVE-2019-10136 was published May 24, 2022

There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160,... Moderate Unreviewed

CVE-2019-5300 was published May 24, 2022

The signature verification routine in the Airmail GPG-PGP Plugin, versions 1.0 (9) and earlier,... Moderate Unreviewed

CVE-2019-8338 was published May 24, 2022

A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco... Moderate Unreviewed

CVE-2019-1810 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... Moderate Unreviewed

CVE-2019-1809 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... Moderate Unreviewed

CVE-2019-1808 was published May 24, 2022

The signature verification routine in install.sh in yarnpkg/website through 2018-06-05 only... Moderate Unreviewed

CVE-2018-12556 was published May 24, 2022

A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird... Moderate Unreviewed

CVE-2018-18509 was published May 24, 2022

Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java)... Moderate Unreviewed

CVE-2017-10669 was published May 17, 2022

Improper verification of cryptographic signature vulnerability in Intel Security VirusScan... Moderate Unreviewed

CVE-2016-8021 was published May 17, 2022

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic... Moderate Unreviewed

CVE-2017-8190 was published May 17, 2022

Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK... Moderate Unreviewed

CVE-2017-8177 was published May 17, 2022

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to... Moderate Unreviewed

CVE-2017-12333 was published May 17, 2022

Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on... Moderate Unreviewed

CVE-2018-0486 was published May 14, 2022

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on... Moderate Unreviewed

CVE-2018-0489 was published May 14, 2022

Previous 1…4…6 Next

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

130 advisories