GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
545 advisories
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow...
Moderate, Unreviewed. CVE-2019-1615 was published May 13, 2022

The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in...
Moderate, Unreviewed. CVE-2018-6459 was published May 13, 2022

Google Chrome before 17.0.963.46 does not properly check signatures, which allows remote...
Moderate, Unreviewed. CVE-2011-3965 was published May 13, 2022

HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers,...
Critical, Unreviewed. CVE-2019-6318 was published May 13, 2022

The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.
High, Unreviewed. CVE-2020-16154 was published Feb 10, 2022

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25...
Moderate, Unreviewed. CVE-2014-1498 was published May 13, 2022

Improper Verification of Cryptographic Signature in starkbank-ecdsa
Critical. CVE-2021-43569 was published for starkbank-ecdsa (NuGet) Nov 10, 2021

Improper Verification of Cryptographic Signature in starkbank-ecdsa
Critical. CVE-2021-43571 was published for starkbank-ecdsa (npm) Nov 10, 2021

BLS Signature "Malleability"
Moderate. CVE-2021-21405 was published for github.com/filecoin-project/lotus (Go) May 21, 2021

Improper Verification of Cryptographic Signature
Critical. CVE-2021-32685 was published for tenvoy (npm) Jun 21, 2021

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue...
Moderate, Unreviewed. CVE-2018-4111 was published May 13, 2022

Signature validation bypass in ServiceStack
Moderate. CVE-2020-28042 was published for ServiceStack (NuGet) Jan 13, 2021

Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal...
High, Unreviewed. CVE-2018-7340 was published May 13, 2022

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019...
Moderate, Unreviewed. CVE-2018-16042 was published May 13, 2022

Signature wrapping vulnerability in Spring Security
High. CVE-2020-5407 was published for org.springframework.security:spring-security-core (Maven) Jun 5, 2020

Improper Verification of Cryptographic Signature in keycloak
Moderate. CVE-2019-10201 was published for org.keycloak:keycloak-core (Maven) Sep 23, 2019

Insufficient consistency checks in signature handling in the networking stack in Google Chrome...
Moderate, Unreviewed. CVE-2017-5066 was published May 13, 2022

Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidityWithErrors() function...
Moderate, Unreviewed. CVE-2018-10470 was published May 13, 2022

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from...
High, Unreviewed. CVE-2018-3968 was published May 13, 2022

A firmware update vulnerability exists in the iburn firmware checks functionality of InHand...
Moderate, Unreviewed. CVE-2022-26510 was published May 13, 2022

The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains...
High, Unreviewed. CVE-2022-28751 was published Aug 18, 2022

Tendermint light client verification not taking into account chain ID
Moderate. CVE-2022-23507 was published for tendermint-light-client (Rust) Dec 14, 2022

In OASIS Digital Signature Services (DSS) 1.0, an attacker can control the validation outcome (i...
Moderate, Unreviewed. CVE-2020-13101 was published May 24, 2022

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle...
Moderate, Unreviewed. CVE-2021-40326 was published Aug 29, 2022

Dell Command Update, Dell Update, and Alienware Update versions prior to 4.3 contain an Improper...
High, Unreviewed. CVE-2021-36277 was published May 24, 2022