GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,878
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,035
Maven 5,219
npm 3,732
NuGet 662
pip 3,413
Pub 12
RubyGems 891
Rust 865
Swift 36

Unreviewed advisories

All unreviewed 237,817

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

421 advisories

Filter by severity

Sort by

Least recently updated

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC... Moderate Unreviewed

CVE-2020-11488 was published May 24, 2022

Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier)... Low Unreviewed

CVE-2020-24439 was published May 24, 2022

Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via... High Unreviewed

CVE-2020-26122 was published May 24, 2022

An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. This OS requires... High Unreviewed

CVE-2020-28045 was published May 24, 2022

Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without... Moderate Unreviewed

CVE-2020-29438 was published May 24, 2022

Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082... Critical Unreviewed

CVE-2020-27540 was published May 24, 2022

Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when... Moderate Unreviewed

CVE-2021-1136 was published May 24, 2022

Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when... Moderate Unreviewed

CVE-2021-1244 was published May 24, 2022

Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without... High Unreviewed

CVE-2020-23967 was published May 24, 2022

Possible authentication bypass due to improper order of signature verification and hashing in the... Moderate Unreviewed

CVE-2021-35113 was published Sep 3, 2022

An improper verification of cryptographic signature vulnerability exists in the Palo Alto... Critical Unreviewed

CVE-2021-3033 was published May 24, 2022

A vulnerability in the software image verification functionality of Cisco IOS XE Software for the... High Unreviewed

CVE-2021-1453 was published May 24, 2022

Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper Verification of... High Unreviewed

CVE-2020-36284 was published May 24, 2022

The Portable Document Format (PDF) specification does not provide any information regarding the... Moderate Unreviewed

CVE-2018-18688 was published May 24, 2022

Possible authentication bypass due to improper order of signature verification and hashing in the... Moderate Unreviewed

CVE-2021-35097 was published Sep 3, 2022

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco... High Unreviewed

CVE-2021-1375 was published May 24, 2022

Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Improper Verification of... High Unreviewed

CVE-2020-36285 was published May 24, 2022

SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any... High Unreviewed

CVE-2021-33054 was published May 24, 2022

A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This... High Unreviewed

CVE-2021-3445 was published May 24, 2022

Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX)... High Unreviewed

CVE-2021-22734 was published May 24, 2022

IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and... Critical Unreviewed

CVE-2021-20487 was published May 24, 2022

Improper Verification of Cryptographic Signature in Apache Pulsar in TensorFlow Critical

CVE-2021-22160 was published for org.apache.pulsar:pulsar (Maven) Jun 1, 2021

Inadequate Encryption Strength in showdoc Moderate

CVE-2021-3680 was published for showdoc/showdoc (Composer) Sep 1, 2021

Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. High Unreviewed

CVE-2021-28091 was published May 24, 2022

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco... High Unreviewed

CVE-2021-1376 was published May 24, 2022

Previous 1 2 3 4 5 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

421 advisories