GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,673
Composer 5,013
Erlang 39
GitHub Actions 38
Go 2,655
Maven 6,112
npm 4,284
NuGet 760
pip 4,067
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,491

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

164 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an... High Unreviewed

CVE-2019-12649 was published May 24, 2022

Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature... High Unreviewed

CVE-2019-5299 was published May 24, 2022

Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of... High Unreviewed

CVE-2019-1010279 was published May 24, 2022

Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can... High Unreviewed

CVE-2019-12269 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed

CVE-2019-1813 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed

CVE-2019-1812 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed

CVE-2019-1811 was published May 24, 2022

A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and... High Unreviewed

CVE-2019-1728 was published May 24, 2022

redhat-upgrade-tool: Does not check GPG signatures when upgrading versions High Unreviewed

CVE-2014-3585 was published May 17, 2022

A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux... High Unreviewed

CVE-2014-9934 was published May 17, 2022

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to... High Unreviewed

CVE-2017-12331 was published May 17, 2022

The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in... High Unreviewed

CVE-2017-16853 was published May 14, 2022

shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth... High Unreviewed

CVE-2017-16852 was published May 14, 2022

An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI... High Unreviewed

CVE-2017-17847 was published May 14, 2022

Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and block... High Unreviewed

CVE-2018-3756 was published May 14, 2022

In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA... High Unreviewed

CVE-2018-15836 was published May 14, 2022

An issue was discovered in Enigmail before 1.9.9. In a variant of CVE-2017-17847, signature... High Unreviewed

CVE-2017-17848 was published May 14, 2022

The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control... High Unreviewed

CVE-2018-12019 was published May 14, 2022

The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows... High Unreviewed

CVE-2018-18653 was published May 13, 2022

An issue was discovered on Diqee Diqee360 devices. A firmware update process, integrated into the... High Unreviewed

CVE-2018-10988 was published May 13, 2022

The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and... High Unreviewed

CVE-2017-6445 was published May 13, 2022

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2... High Unreviewed

CVE-2017-11400 was published May 13, 2022

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an... High Unreviewed

CVE-2018-15374 was published May 13, 2022

Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention ... High Unreviewed

CVE-2018-6664 was published May 13, 2022

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted... High Unreviewed

CVE-2018-7685 was published May 13, 2022

Previous 1…67 Next

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

164 advisories