Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

429 advisories

Loading
IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC... Low Unreviewed
CVE-2018-1842 was published May 13, 2022
Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention ... High Unreviewed
CVE-2018-6664 was published May 13, 2022
The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted... High Unreviewed
CVE-2018-7685 was published May 13, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... Moderate Unreviewed
CVE-2019-1615 was published May 13, 2022
Improper Verification of Cryptographic Signature in Nimbus JOSE+JWT High
CVE-2017-12974 was published for com.nimbusds:nimbus-jose-jwt (Maven) May 13, 2022
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and... High Unreviewed
CVE-2018-16151 was published May 13, 2022
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and... High Unreviewed
CVE-2018-16152 was published May 13, 2022
The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in... Moderate Unreviewed
CVE-2018-6459 was published May 13, 2022
Google Chrome before 17.0.963.46 does not properly check signatures, which allows remote... Moderate Unreviewed
CVE-2011-3965 was published May 13, 2022
The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25... Moderate Unreviewed
CVE-2014-1498 was published May 13, 2022
HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers,... Critical Unreviewed
CVE-2019-6318 was published May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue... Moderate Unreviewed
CVE-2018-4111 was published May 13, 2022
Cisco node-jose improper validation of JWT signature High
CVE-2018-0114 was published for node-jose (npm) May 13, 2022
A vulnerability has been identified in SIMATIC S7-400 (incl. F) V6 and below (All versions),... High Unreviewed
CVE-2018-16557 was published May 13, 2022
Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal... High Unreviewed
CVE-2018-7340 was published May 13, 2022
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019... Moderate Unreviewed
CVE-2018-16042 was published May 13, 2022
Wizkunde SAMLBase SAML Bypass High
CVE-2018-5387 was published for gogentooss/samlbase (Composer) May 13, 2022
Insufficient consistency checks in signature handling in the networking stack in Google Chrome... Moderate Unreviewed
CVE-2017-5066 was published May 13, 2022
Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidityWithErrors() function... Moderate Unreviewed
CVE-2018-10470 was published May 13, 2022
An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from... High Unreviewed
CVE-2018-3968 was published May 13, 2022
A firmware update vulnerability exists in the iburn firmware checks functionality of InHand... Moderate Unreviewed
CVE-2022-26510 was published May 13, 2022
Duplicate Advisory: Improper Verification of Cryptographic Signature in google-oauth-java-client High
GHSA-xh97-72ww-2w58 was published for com.google.oauth-client:google-oauth-client (Maven) May 4, 2022 withdrawn
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows... High Unreviewed
CVE-2013-3900 was published May 3, 2022
Grandstream BudgeTone (BT) 100 Voice over IP (VoIP) phones do not properly check the Call-ID,... Moderate Unreviewed
CVE-2005-2182 was published May 1, 2022
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag... Moderate Unreviewed
CVE-2005-2181 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database