Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,747
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

158 advisories

Loading
In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature... Moderate Unreviewed
CVE-2018-16253 was published May 14, 2022
An issue was discovered in Carbon Black Cb Response. A maliciously crafted Universal/fat binary... Moderate Unreviewed
CVE-2018-10407 was published May 14, 2022
Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on... Moderate Unreviewed
CVE-2018-0489 was published May 14, 2022
Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on... Moderate Unreviewed
CVE-2018-0486 was published May 14, 2022
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2017-12333 was published May 17, 2022
Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK... Moderate Unreviewed
CVE-2017-8177 was published May 17, 2022
FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic... Moderate Unreviewed
CVE-2017-8190 was published May 17, 2022
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan... Moderate Unreviewed
CVE-2016-8021 was published May 17, 2022
Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java)... Moderate Unreviewed
CVE-2017-10669 was published May 17, 2022
A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird... Moderate Unreviewed
CVE-2018-18509 was published May 24, 2022
The signature verification routine in install.sh in yarnpkg/website through 2018-06-05 only... Moderate Unreviewed
CVE-2018-12556 was published May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... Moderate Unreviewed
CVE-2019-1809 was published May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... Moderate Unreviewed
CVE-2019-1808 was published May 24, 2022
A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco... Moderate Unreviewed
CVE-2019-1810 was published May 24, 2022
The signature verification routine in the Airmail GPG-PGP Plugin, versions 1.0 (9) and earlier,... Moderate Unreviewed
CVE-2019-8338 was published May 24, 2022
Golang/x/crypto message forgery vulnerability Moderate
CVE-2019-11841 was published for golang.org/x/crypto (Go) May 24, 2022
There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160,... Moderate Unreviewed
CVE-2019-5300 was published May 24, 2022
It was found that Spacewalk, all versions through 2.8, did not safely compute client token... Moderate Unreviewed
CVE-2019-10136 was published May 24, 2022
Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client... Moderate Unreviewed
CVE-2019-9149 was published May 24, 2022
cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement... Moderate Unreviewed
CVE-2017-18407 was published May 24, 2022
Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the... Moderate Unreviewed
CVE-2019-5592 was published May 24, 2022
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improper Verification of... Moderate Unreviewed
CVE-2019-3738 was published May 24, 2022
Missing SSH host key validation in Mac Plugin Moderate
CVE-2020-2146 was published for fr.edf.jenkins.plugins:mac (Maven) May 24, 2022
NotMyFault
python-apt Does Not Check Hash Signature Moderate
CVE-2019-15796 was published for python-apt (pip) May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense ... Moderate Unreviewed
CVE-2020-3308 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database