Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,693
Erlang
34
GitHub Actions
28
Go
2,283
Maven
5,000+
npm
3,934
NuGet
708
pip
3,702
Pub
12
RubyGems
919
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+

170 advisories

Loading
Python RSA allows attackers to spoof signatures Moderate
CVE-2016-1494 was published for rsa (pip) May 14, 2022
GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary... Moderate Unreviewed
CVE-2018-15587 was published May 14, 2022
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High... Moderate Unreviewed
CVE-2018-5383 was published May 13, 2022
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an... Moderate Unreviewed
CVE-2016-9604 was published May 13, 2022
An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up... Moderate Unreviewed
CVE-2017-15090 was published May 13, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... Moderate Unreviewed
CVE-2019-1615 was published May 13, 2022
The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in... Moderate Unreviewed
CVE-2018-6459 was published May 13, 2022
Google Chrome before 17.0.963.46 does not properly check signatures, which allows remote... Moderate Unreviewed
CVE-2011-3965 was published May 13, 2022
The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25... Moderate Unreviewed
CVE-2014-1498 was published May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue... Moderate Unreviewed
CVE-2018-4111 was published May 13, 2022
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019... Moderate Unreviewed
CVE-2018-16042 was published May 13, 2022
Insufficient consistency checks in signature handling in the networking stack in Google Chrome... Moderate Unreviewed
CVE-2017-5066 was published May 13, 2022
Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidityWithErrors() function... Moderate Unreviewed
CVE-2018-10470 was published May 13, 2022
A firmware update vulnerability exists in the iburn firmware checks functionality of InHand... Moderate Unreviewed
CVE-2022-26510 was published May 13, 2022
Grandstream BudgeTone (BT) 100 Voice over IP (VoIP) phones do not properly check the Call-ID,... Moderate Unreviewed
CVE-2005-2182 was published May 1, 2022
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag... Moderate Unreviewed
CVE-2005-2181 was published May 1, 2022
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not... Moderate Unreviewed
CVE-2002-1796 was published Apr 30, 2022
Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal... Moderate Unreviewed
CVE-2002-1706 was published Apr 30, 2022
A Security Bypass vulnerability exists in Ubuntu Cobbler before 2,2,2 in the cobbler-ubuntu... Moderate Unreviewed
CVE-2012-2092 was published Apr 23, 2022
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the... Moderate Unreviewed
CVE-2011-3374 was published Apr 22, 2022
Improper Verification of Cryptographic Signature in `node-forge` Moderate
CVE-2022-24773 was published for node-forge (npm) Mar 18, 2022
STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse... Moderate Unreviewed
CVE-2021-43393 was published Mar 5, 2022
STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain... Moderate Unreviewed
CVE-2021-43392 was published Mar 5, 2022
Missing server signature validation in OctoberCMS Moderate
CVE-2022-23655 was published for october/system (Composer) Feb 24, 2022
There is a vulnerability of signature verification mechanism failure in system upgrade through... Moderate Unreviewed
CVE-2021-40045 was published Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database