Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

202 advisories

Loading
Improper Certificate Validation in phpseclib High
CVE-2021-30130 was published for phpseclib/phpseclib (Composer) Apr 7, 2021
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent... High Unreviewed
CVE-2024-1150 was published Feb 8, 2024
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent... High Unreviewed
CVE-2024-1149 was published Feb 8, 2024
browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attack High
CVE-2023-46234 was published for browserify-sign (npm) Oct 26, 2023
roadicing ljharb
katzj
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and... High Unreviewed
CVE-2019-1728 was published May 24, 2022
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can... High Unreviewed
CVE-2019-12269 was published May 24, 2022
Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of... High Unreviewed
CVE-2019-1010279 was published May 24, 2022
Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature... High Unreviewed
CVE-2019-5299 was published May 24, 2022
A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an... High Unreviewed
CVE-2019-12649 was published May 24, 2022
A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated,... High Unreviewed
CVE-2019-12662 was published May 24, 2022
A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer... High Unreviewed
CVE-2019-11755 was published May 24, 2022
The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a... High Unreviewed
CVE-2019-16992 was published May 24, 2022
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in... High Unreviewed
CVE-2019-19962 was published May 24, 2022
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and... High Unreviewed
CVE-2020-10608 was published May 24, 2022
DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature... High Unreviewed
CVE-2023-25934 was published May 4, 2023
Zoom for Windows clients prior to 5.13.5 contain an improper verification of cryptographic... High Unreviewed
CVE-2023-28602 was published Jun 13, 2023
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic... High Unreviewed
CVE-2023-32449 was published Jun 22, 2023
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating... High Unreviewed
CVE-2023-38418 was published Aug 2, 2023
Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation... High Unreviewed
CVE-2023-39393 was published Aug 13, 2023
Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this... High Unreviewed
CVE-2023-39392 was published Aug 13, 2023
Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site... High Unreviewed
CVE-2023-23772 was published Aug 29, 2023
Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio... High Unreviewed
CVE-2023-23773 was published Aug 29, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile... High Unreviewed
CVE-2023-40727 was published Sep 14, 2023
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating... High Unreviewed
CVE-2023-43611 was published Oct 10, 2023
The Texas Instruments OMAP L138 (secure variants) trusted execution environment (TEE) performs an... High Unreviewed
CVE-2022-25333 was published Oct 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database