Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

204 advisories

Loading
An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. Because the Hardened... High Unreviewed
CVE-2020-26540 was published May 24, 2022
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017... High Unreviewed
CVE-2020-24429 was published May 24, 2022
Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via... High Unreviewed
CVE-2020-26122 was published May 24, 2022
An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. This OS requires... High Unreviewed
CVE-2020-28045 was published May 24, 2022
Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without... High Unreviewed
CVE-2020-23967 was published May 24, 2022
A vulnerability in the software image verification functionality of Cisco IOS XE Software for the... High Unreviewed
CVE-2021-1453 was published May 24, 2022
Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper Verification of... High Unreviewed
CVE-2020-36284 was published May 24, 2022
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco... High Unreviewed
CVE-2021-1375 was published May 24, 2022
Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Improper Verification of... High Unreviewed
CVE-2020-36285 was published May 24, 2022
SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any... High Unreviewed
CVE-2021-33054 was published May 24, 2022
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This... High Unreviewed
CVE-2021-3445 was published May 24, 2022
Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX)... High Unreviewed
CVE-2021-22734 was published May 24, 2022
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. High Unreviewed
CVE-2021-28091 was published May 24, 2022
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco... High Unreviewed
CVE-2021-1376 was published May 24, 2022
An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0... High Unreviewed
CVE-2021-3196 was published May 24, 2022
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in the... High Unreviewed
CVE-2022-41669 was published Nov 4, 2022
Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX)... High Unreviewed
CVE-2021-22735 was published May 24, 2022
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City ... High Unreviewed
CVE-2021-22708 was published May 24, 2022
PolicyController before 0.2.1 may bypass attestation verification High
CVE-2022-35930 was published for github.com/sigstore/policy-controller (Go) Aug 10, 2022
mattmoor
cosign's `cosign verify-attestaton --type` can report a false positive if any attestation exists High
CVE-2022-35929 was published for github.com/sigstore/cosign (Go) Aug 10, 2022
A vulnerability in the image verification function of Cisco Expressway Series and Cisco... High Unreviewed
CVE-2021-34715 was published May 24, 2022
In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based ... High Unreviewed
CVE-2021-34433 was published May 24, 2022
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML... High Unreviewed
CVE-2021-3051 was published May 24, 2022
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS)... High Unreviewed
CVE-2021-34708 was published May 24, 2022
An issue in code signature validation was addressed with improved checks. This issue is fixed in... High Unreviewed
CVE-2021-1849 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database