Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,662
Maven
5,000+
npm
4,289
NuGet
760
pip
4,069
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

165 advisories

Loading
GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing... High Unreviewed
CVE-2025-34324 was published Nov 18, 2025
Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client... High Unreviewed
CVE-2025-64740 was published Nov 13, 2025
In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows... High Unreviewed
CVE-2025-64456 was published Nov 10, 2025
Improper authentication in the API authentication middleware of HCL DevOps Loop allows... High Unreviewed
CVE-2025-55278 was published Nov 6, 2025
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing... High Unreviewed
CVE-2025-43468 was published Nov 4, 2025
Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or... High Unreviewed
CVE-2025-34503 was published Oct 25, 2025
An Improper Verification of Cryptographic Signature vulnerability [CWE-347] in FortiClient MacOS... High Unreviewed
CVE-2025-46774 was published Oct 14, 2025
E3 Site Supervisor Control (firmware version < 2.31F01) firmware upgrade packages are unsigned.... High Unreviewed
CVE-2025-52550 was published Oct 1, 2025
An insufficiently secured internal function allows session generation for arbitrary users. The... High Unreviewed
CVE-2025-30064 was published Aug 27, 2025
A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that... High Unreviewed
CVE-2025-4371 was published Aug 18, 2025
A vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions < V4.0... High Unreviewed
CVE-2025-40758 was published Aug 14, 2025
In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly... High Unreviewed
CVE-2025-47827 was published Jun 5, 2025
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions), SiPass... High Unreviewed
CVE-2022-31807 was published May 23, 2025
Improper verification of cryptographic signature in Microsoft Azure Functions allows an... High Unreviewed
CVE-2025-33074 was published Apr 30, 2025
CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution... High Unreviewed
CVE-2025-2764 was published Apr 23, 2025
MSI Center before 2.0.52.0 has Missing PE Signature Validation. High Unreviewed
CVE-2025-27813 was published Apr 10, 2025
Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass... High Unreviewed
CVE-2025-2233 was published Mar 12, 2025
A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for... High Unreviewed
CVE-2025-20206 was published Mar 5, 2025
Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and... High Unreviewed
CVE-2024-13172 was published Jan 14, 2025
A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted... High Unreviewed
CVE-2024-43106 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted... High Unreviewed
CVE-2024-41165 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially... High Unreviewed
CVE-2024-41159 was published Dec 19, 2024
A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work... High Unreviewed
CVE-2024-41145 was published Dec 19, 2024
A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of... High Unreviewed
CVE-2024-41138 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094... High Unreviewed
CVE-2024-42004 was published Dec 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database