GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,935
Composer 5,069
Erlang 39
GitHub Actions 38
Go 2,726
Maven 6,143
npm 4,331
NuGet 763
pip 4,107
Pub 12
RubyGems 960
Rust 1,068
Swift 45

Unreviewed advisories

All unreviewed 279,299

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

235 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Duplicate Advisory: Improper Verification of Cryptographic Signature in google-oauth-java-client High

GHSA-xh97-72ww-2w58 was published for com.google.oauth-client:google-oauth-client (Maven) May 4, 2022 • withdrawn

The Texas Instruments OMAP L138 (secure variants) trusted execution environment (TEE) performs an... High Unreviewed

CVE-2022-25333 was published Oct 19, 2023

The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating... High Unreviewed

CVE-2023-43611 was published Oct 10, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile... High Unreviewed

CVE-2023-40727 was published Sep 14, 2023

Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio... High Unreviewed

CVE-2023-23773 was published Aug 29, 2023

Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site... High Unreviewed

CVE-2023-23772 was published Aug 29, 2023

Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this... High Unreviewed

CVE-2023-39392 was published Aug 13, 2023

Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation... High Unreviewed

CVE-2023-39393 was published Aug 13, 2023

The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating... High Unreviewed

CVE-2023-38418 was published Aug 2, 2023

Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic... High Unreviewed

CVE-2023-32449 was published Jun 22, 2023

Zoom for Windows clients prior to 5.13.5 contain an improper verification of cryptographic... High Unreviewed

CVE-2023-28602 was published Jun 13, 2023

DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature... High Unreviewed

CVE-2023-25934 was published May 4, 2023

In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and... High Unreviewed

CVE-2020-10608 was published May 24, 2022

wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in... High Unreviewed

CVE-2019-19962 was published May 24, 2022

The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a... High Unreviewed

CVE-2019-16992 was published May 24, 2022

A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer... High Unreviewed

CVE-2019-11755 was published May 24, 2022

A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated,... High Unreviewed

CVE-2019-12662 was published May 24, 2022

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an... High Unreviewed

CVE-2019-12649 was published May 24, 2022

Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature... High Unreviewed

CVE-2019-5299 was published May 24, 2022

Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of... High Unreviewed

CVE-2019-1010279 was published May 24, 2022

Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can... High Unreviewed

CVE-2019-12269 was published May 24, 2022

A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and... High Unreviewed

CVE-2019-1728 was published May 24, 2022

Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent... High Unreviewed

CVE-2024-1149 was published Feb 8, 2024

Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent... High Unreviewed

CVE-2024-1150 was published Feb 8, 2024

Improper Certificate Validation in phpseclib High

CVE-2021-30130 was published for phpseclib/phpseclib (Composer) Apr 7, 2021

Previous 1…5…10 Next

Previous 1 2 3 4 5 6 7 8 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

235 advisories