Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,737
Maven
5,000+
npm
4,336
NuGet
764
pip
4,111
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

236 advisories

Loading
Home Assistant does not correctly validate SSL for outgoing requests in core and used libs High
CVE-2025-25305 was published for homeassistant (pip) Feb 18, 2025
ReneNulschDE
Credited to ReneNulschDE
browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attack High
CVE-2023-46234 was published for browserify-sign (npm) Oct 26, 2023
roadicing ljharb
katzj
Credited to roadicing, ljharb, and katzj
Improper Verification of Cryptographic Signature in node-forge High
CVE-2022-24772 was published for node-forge (npm) Mar 18, 2022
Improper Verification of Cryptographic Signature in node-forge High
CVE-2022-24771 was published for node-forge (npm) Mar 18, 2022
Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1... High Unreviewed
CVE-2024-49413 was published Dec 3, 2024
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A... High Unreviewed
CVE-2024-22461 was published Dec 13, 2024
Agent Dart is missing certificate verification checks High
CVE-2024-48915 was published for agent_dart (Pub) Oct 15, 2024
eduarddfinity AlexV525
Credited to eduarddfinity and AlexV525
Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and... High Unreviewed
CVE-2024-13172 was published Jan 14, 2025
Windows Cryptographic Services Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-26228 was published Apr 9, 2024
Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak High
CVE-2024-8698 was published for org.keycloak:keycloak-saml-core (Maven) Oct 14, 2024
Chetven
Credited to Chetven
A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work... High Unreviewed
CVE-2024-41145 was published Dec 19, 2024
A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of... High Unreviewed
CVE-2024-41138 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094... High Unreviewed
CVE-2024-42004 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially... High Unreviewed
CVE-2024-39804 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially... High Unreviewed
CVE-2024-42220 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted... High Unreviewed
CVE-2024-41165 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted... High Unreviewed
CVE-2024-43106 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially... High Unreviewed
CVE-2024-41159 was published Dec 19, 2024
This vulnerability exists in the TP-Link Archer C50 due to improper signature verification... High Unreviewed
CVE-2024-54126 was published Dec 5, 2024
Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of... High Unreviewed
CVE-2024-47476 was published Dec 3, 2024
Grafana Plugin signature bypass High
CVE-2022-31123 was published for github.com/grafana/grafana (Go) May 14, 2024
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS... High Unreviewed
CVE-2024-40592 was published Nov 12, 2024
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which... High Unreviewed
CVE-2024-49393 was published Nov 12, 2024
Permission control vulnerability in the hidebug module Impact: Successful exploitation of this... High Unreviewed
CVE-2024-51526 was published Nov 5, 2024
Laravel Reverb Missing API Signature Verification High
CVE-2024-50347 was published for laravel/reverb (Composer) Oct 31, 2024
RobertBoes
Credited to RobertBoes
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database