GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
31 advisories
LTI JupyterHub Authenticator does not properly validate JWT Signature
Critical
CVE-2023-25574
was published
for
jupyterhub-ltiauthenticator
(pip)
Feb 25, 2025
Home Assistant does not correctly validate SSL for outgoing requests in core and used libs
High
CVE-2025-25305
was published
for
homeassistant
(pip)
Feb 18, 2025
Hyperledger Indy's update process of a DID does not check who signs the request
High
CVE-2020-11093
was published
for
indy-node
(pip)
Aug 30, 2024
Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC
Critical
CVE-2024-21669
was published
for
aries-cloudagent
(pip)
Jan 9, 2024
Archive spoofing vulnerability in borgbackup
Moderate
CVE-2023-36811
was published
for
borgbackup
(pip)
Aug 30, 2023
Incorrect signature verification in django-ses
Low
CVE-2023-33185
was published
for
django-ses
(pip)
May 22, 2023
acryl-datahub missing JWT signature check
Critical
CVE-2022-39366
was published
for
acryl-datahub
(pip)
Oct 31, 2022
Improper Verification of Cryptographic Signature in matrix-synapse
High
CVE-2019-18835
was published
for
matrix-synapse
(pip)
May 24, 2022
Signature verification vulnerability in Stark Bank ecdsa libraries
High
GHSA-9wx7-jrvc-28mm
was published
for
com.starkbank:ecdsa-java
(Maven)
Nov 8, 2021
Improper Verification of Cryptographic Signature in PySAML2
Moderate
CVE-2021-21239
was published
for
pysaml2
(pip)
Jan 21, 2021
ProTip!
Advisories are also available from the
GraphQL API