Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,314
Erlang
31
GitHub Actions
21
Go
2,072
Maven
5,000+
npm
3,744
NuGet
674
pip
3,433
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

202 advisories

Loading
An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0... High Unreviewed
CVE-2021-3196 was published May 24, 2022
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. High Unreviewed
CVE-2021-28091 was published May 24, 2022
SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any... High Unreviewed
CVE-2021-33054 was published May 24, 2022
Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX)... High Unreviewed
CVE-2021-22735 was published May 24, 2022
Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX)... High Unreviewed
CVE-2021-22734 was published May 24, 2022
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This... High Unreviewed
CVE-2021-3445 was published May 24, 2022
Union Pay up to 1.2.0, for web based versions contains a CWE-347: Improper Verification of... High Unreviewed
CVE-2020-23533 was published May 24, 2022
Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Improper Verification of... High Unreviewed
CVE-2020-36285 was published May 24, 2022
Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper Verification of... High Unreviewed
CVE-2020-36284 was published May 24, 2022
A vulnerability in the software image verification functionality of Cisco IOS XE Software for the... High Unreviewed
CVE-2021-1453 was published May 24, 2022
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco... High Unreviewed
CVE-2021-1375 was published May 24, 2022
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco... High Unreviewed
CVE-2021-1376 was published May 24, 2022
Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without... High Unreviewed
CVE-2020-23967 was published May 24, 2022
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure... High Unreviewed
CVE-2021-1366 was published May 24, 2022
Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via... High Unreviewed
CVE-2020-26122 was published May 24, 2022
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017... High Unreviewed
CVE-2020-24429 was published May 24, 2022
An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. This OS requires... High Unreviewed
CVE-2020-28045 was published May 24, 2022
An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. Because the Hardened... High Unreviewed
CVE-2020-26540 was published May 24, 2022
NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the... High Unreviewed
CVE-2020-10126 was published May 24, 2022
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and... High Unreviewed
CVE-2020-10608 was published May 24, 2022
A vulnerability exists that could allow the execution of unauthorized code or operating system... High Unreviewed
CVE-2020-9047 was published May 24, 2022
A vulnerability in software image verification in Cisco IOS XE Software could allow an... High Unreviewed
CVE-2020-3209 was published May 24, 2022
Improper Verification of Cryptographic Signature in Apache Netbeans High
CVE-2019-17561 was published for org.codehaus.mevenide:netbeans (Maven) May 24, 2022
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in... High Unreviewed
CVE-2019-19962 was published May 24, 2022
Unencrypted HTTP communications for firmware upgrades in Petalk AI and PF-103 allow man-in-the... High Unreviewed
CVE-2019-16732 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database