Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

204 advisories

Loading
A vulnerability in software image verification in Cisco IOS XE Software could allow an... High Unreviewed
CVE-2020-3209 was published May 24, 2022
Secure Boot Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-26194 was published Apr 9, 2024
google-oauth-java-client improperly verifies cryptographic signature High
CVE-2021-22573 was published for com.google.oauth-client:google-oauth-client (Maven) Apr 9, 2024
TimurSadykov
Duplicate Advisory: Improper Verification of Cryptographic Signature in google-oauth-java-client High
GHSA-xh97-72ww-2w58 was published for com.google.oauth-client:google-oauth-client (Maven) May 4, 2022 withdrawn
The Texas Instruments OMAP L138 (secure variants) trusted execution environment (TEE) performs an... High Unreviewed
CVE-2022-25333 was published Oct 19, 2023
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating... High Unreviewed
CVE-2023-43611 was published Oct 10, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile... High Unreviewed
CVE-2023-40727 was published Sep 14, 2023
Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio... High Unreviewed
CVE-2023-23773 was published Aug 29, 2023
Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site... High Unreviewed
CVE-2023-23772 was published Aug 29, 2023
Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this... High Unreviewed
CVE-2023-39392 was published Aug 13, 2023
Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation... High Unreviewed
CVE-2023-39393 was published Aug 13, 2023
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating... High Unreviewed
CVE-2023-38418 was published Aug 2, 2023
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic... High Unreviewed
CVE-2023-32449 was published Jun 22, 2023
Zoom for Windows clients prior to 5.13.5 contain an improper verification of cryptographic... High Unreviewed
CVE-2023-28602 was published Jun 13, 2023
DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature... High Unreviewed
CVE-2023-25934 was published May 4, 2023
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and... High Unreviewed
CVE-2020-10608 was published May 24, 2022
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in... High Unreviewed
CVE-2019-19962 was published May 24, 2022
The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a... High Unreviewed
CVE-2019-16992 was published May 24, 2022
A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer... High Unreviewed
CVE-2019-11755 was published May 24, 2022
A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated,... High Unreviewed
CVE-2019-12662 was published May 24, 2022
A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an... High Unreviewed
CVE-2019-12649 was published May 24, 2022
Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature... High Unreviewed
CVE-2019-5299 was published May 24, 2022
Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of... High Unreviewed
CVE-2019-1010279 was published May 24, 2022
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can... High Unreviewed
CVE-2019-12269 was published May 24, 2022
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and... High Unreviewed
CVE-2019-1728 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database