Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,685
Maven
5,000+
npm
4,318
NuGet
760
pip
4,092
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

130 advisories

Loading
A potential security vulnerability has been identified in the HP Linux Imaging and Printing... Moderate Unreviewed
CVE-2025-43023 was published Jul 28, 2025
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing... Moderate Unreviewed
CVE-2025-43390 was published Nov 4, 2025
The application failed to account for exceptions thrown by the `loadManifestFromFile` method... Moderate Unreviewed
CVE-2024-11696 was published Nov 26, 2024
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Moderate Unreviewed
CVE-2025-43185 was published Jul 30, 2025
A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element is the function... Moderate Unreviewed
CVE-2025-12295 was published Oct 27, 2025
Cryptographic validation of upgrade images could be circumventing by dropping a specifically... Moderate Unreviewed
CVE-2025-54549 was published Oct 30, 2025
There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW... Moderate Unreviewed
CVE-2025-7937 was published Sep 19, 2025
There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM... Moderate Unreviewed
CVE-2025-6198 was published Sep 19, 2025
A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated... Moderate Unreviewed
CVE-2025-20248 was published Sep 10, 2025
An improper verification of cryptographic signature vulnerability was identified in GitHub... Moderate Unreviewed
CVE-2025-23369 was published Jan 21, 2025
Improper verification of cryptographic signature in Windows Certificates allows an unauthorized... Moderate Unreviewed
CVE-2025-55229 was published Aug 21, 2025
A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected... Moderate Unreviewed
CVE-2025-23364 was published Jul 8, 2025
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with... Moderate Unreviewed
CVE-2024-36347 was published Jun 28, 2025
Improper verification of cryptographic signature in App Control for Business (WDAC) allows an... Moderate Unreviewed
CVE-2025-33069 was published Jun 10, 2025
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x... Moderate Unreviewed
CVE-2022-42010 was published Oct 10, 2022
A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series... Moderate Unreviewed
CVE-2025-20181 was published May 7, 2025
CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution... Moderate Unreviewed
CVE-2025-2763 was published Apr 23, 2025
An issue in code signature validation was addressed with improved checks. This issue is fixed in... Moderate Unreviewed
CVE-2022-42793 was published Nov 2, 2022
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan... Moderate Unreviewed
CVE-2016-8021 was published May 17, 2022
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures... Moderate Unreviewed
CVE-2025-43903 was published Apr 18, 2025
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could... Moderate Unreviewed
CVE-2025-20178 was published Apr 16, 2025
The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter... Moderate Unreviewed
CVE-2025-31335 was published Mar 28, 2025
An issue was discovered in filestash v0.4. The usage of the ssh.InsecureIgnoreHostKey() disables... Moderate Unreviewed
CVE-2024-41258 was published Jul 31, 2024
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local... Moderate Unreviewed
CVE-2025-20143 was published Mar 12, 2025
An issue was discovered in Veritas NetBackup IT Analytics 11 before 11.2.0. The application... Moderate Unreviewed
CVE-2023-28818 was published Mar 24, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database