GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,284
Composer 4,356
Erlang 33
GitHub Actions 22
Go 2,121
Maven 5,297
npm 3,783
NuGet 683
pip 3,465
Pub 12
RubyGems 893
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,243

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

292 advisories

Filter by severity

Sort by

Least recently updated

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all... Moderate Unreviewed

CVE-2021-43074 was published Feb 16, 2023

The cryptographic code signing process and controls on ConnectWise Control through 22.9.10032 ... Critical Unreviewed

CVE-2023-25718 was published Feb 13, 2023

Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade... Critical Unreviewed

CVE-2021-36226 was published Feb 6, 2023

Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a improper... High Unreviewed

CVE-2022-34459 was published Feb 1, 2023

The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature... Critical Unreviewed

CVE-2022-23334 was published Jan 30, 2023

CRYSTALS-DILITHIUM (in Post-Quantum Cryptography Selected Algorithms 2022) in PQClean d03da30 may... High Unreviewed

CVE-2023-24025 was published Jan 20, 2023

An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted... Moderate Unreviewed

CVE-2022-47549 was published Dec 19, 2022

A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in the... High Unreviewed

CVE-2022-41669 was published Nov 4, 2022

A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that allows... High Unreviewed

CVE-2022-41666 was published Nov 4, 2022

A vulnerability in the software image verification functionality of Cisco IOS XE Software for... Moderate Unreviewed

CVE-2022-20944 was published Oct 11, 2022

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x... Moderate Unreviewed

CVE-2022-42010 was published Oct 10, 2022

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker... High Unreviewed

CVE-2022-38178 was published Sep 22, 2022

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker... High Unreviewed

CVE-2022-38177 was published Sep 22, 2022

Possible authentication bypass due to improper order of signature verification and hashing in the... Moderate Unreviewed

CVE-2021-35097 was published Sep 3, 2022

Possible authentication bypass due to improper order of signature verification and hashing in the... Moderate Unreviewed

CVE-2021-35113 was published Sep 3, 2022

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle... Moderate Unreviewed

CVE-2021-40326 was published Aug 29, 2022

There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary... Moderate Unreviewed

CVE-2021-3521 was published Aug 23, 2022

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-347... Moderate Unreviewed

CVE-2022-2790 was published Aug 20, 2022

The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains... High Unreviewed

CVE-2022-28751 was published Aug 18, 2022

The Omron SYSMAC Cx product family PLCs (CS series, CJ series, and CP series) through 2022-05-18... Critical Unreviewed

CVE-2022-31207 was published Jul 27, 2022

The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series)... Critical Unreviewed

CVE-2022-31206 was published Jul 27, 2022

The tested version of Dominion Voting Systems ImageCast X does not validate application... High Unreviewed

CVE-2022-1739 was published Jun 25, 2022

This issue was addressed by verifying host keys when connecting to a previously-known SSH server.... Moderate Unreviewed

CVE-2019-8901 was published May 24, 2022

Improper verification of cryptographic signature in the installer for some Intel(R) Wireless... Moderate Unreviewed

CVE-2021-0152 was published May 24, 2022

The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify... High Unreviewed

CVE-2021-34420 was published May 24, 2022

Previous 1 2 3 4 5 6 7 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

292 advisories