Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,699
Erlang
34
GitHub Actions
28
Go
2,292
Maven
5,000+
npm
3,941
NuGet
708
pip
3,708
Pub
12
RubyGems
919
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+

472 advisories

Loading
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improper Verification of... Moderate Unreviewed
CVE-2019-3738 was published May 24, 2022
Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the... Moderate Unreviewed
CVE-2019-5592 was published May 24, 2022
Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature... High Unreviewed
CVE-2019-5299 was published May 24, 2022
cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement... Moderate Unreviewed
CVE-2017-18407 was published May 24, 2022
perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass... Critical Unreviewed
CVE-2019-1010161 was published May 24, 2022
Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of... High Unreviewed
CVE-2019-1010279 was published May 24, 2022
Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow... Critical Unreviewed
CVE-2019-1010263 was published May 24, 2022
Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client... Moderate Unreviewed
CVE-2019-9149 was published May 24, 2022
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can... High Unreviewed
CVE-2019-12269 was published May 24, 2022
The signature verification routine in the Airmail GPG-PGP Plugin, versions 1.0 (9) and earlier,... Moderate Unreviewed
CVE-2019-8338 was published May 24, 2022
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and... High Unreviewed
CVE-2019-1728 was published May 24, 2022
A Security Bypass vulnerability exists in Ubuntu Cobbler before 2,2,2 in the cobbler-ubuntu... Moderate Unreviewed
CVE-2012-2092 was published Apr 23, 2022
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the... Moderate Unreviewed
CVE-2011-3374 was published Apr 22, 2022
The cryptographic code signing process and controls on ConnectWise Control through 22.9.10032 ... Critical Unreviewed
CVE-2023-25718 was published Feb 13, 2023
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag... Moderate Unreviewed
CVE-2005-2181 was published May 1, 2022
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not... Moderate Unreviewed
CVE-2002-1796 was published Apr 30, 2022
Grandstream BudgeTone (BT) 100 Voice over IP (VoIP) phones do not properly check the Call-ID,... Moderate Unreviewed
CVE-2005-2182 was published May 1, 2022
AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure Moderate
CVE-2023-42811 was published for aes-gcm (Rust) Sep 22, 2023
nandita-v
Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal... Moderate Unreviewed
CVE-2002-1706 was published Apr 30, 2022
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent... High Unreviewed
CVE-2024-1149 was published Feb 8, 2024
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent... High Unreviewed
CVE-2024-1150 was published Feb 8, 2024
Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka... Critical Unreviewed
CVE-2023-44077 was published Jan 17, 2024
Improper Certificate Validation in phpseclib High
CVE-2021-30130 was published for phpseclib/phpseclib (Composer) Apr 7, 2021
SimpleSAMLphp saml2 incorrect signature validation High
CVE-2018-7711 was published for simplesamlphp/saml2 (Composer) May 14, 2022
Signature validation bypass in XmlSecLibs High
CVE-2019-3465 was published for robrichards/xmlseclibs (Composer) Nov 8, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database