Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,692
Erlang
34
GitHub Actions
27
Go
2,279
Maven
5,000+
npm
3,931
NuGet
708
pip
3,699
Pub
12
RubyGems
919
Rust
957
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

33 advisories

Loading
Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade... Critical Unreviewed
CVE-2021-36226 was published Feb 6, 2023
Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful... Critical Unreviewed
CVE-2023-52538 was published Apr 8, 2024
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III... Critical Unreviewed
CVE-2024-47943 was published Oct 15, 2024
In the CryptX module before 0.062 for Perl, gcm_decrypt_verify() and... Critical Unreviewed
CVE-2018-25099 was published Mar 18, 2024
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27670 was published Mar 5, 2025
Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in... Critical Unreviewed
CVE-2024-11957 was published Mar 4, 2025
A improper verification of cryptographic signature vulnerability in plugin management in iota C... Critical Unreviewed
CVE-2024-52958 was published Nov 27, 2024
An improper verification of cryptographic signature vulnerability was identified in GitHub... Critical Unreviewed
CVE-2024-9487 was published Oct 11, 2024
An XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when... Critical Unreviewed
CVE-2024-6800 was published Aug 20, 2024
There is a possible escalation of privilege due to improperly used crypto. This could lead to... Critical Unreviewed
CVE-2024-32911 was published Jun 13, 2024
Improper verification of cryptographic signature issue exists in "FreeFrom - the nostr client"... Critical Unreviewed
CVE-2024-36277 was published Jun 17, 2024
An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler... Critical Unreviewed
CVE-2023-28801 was published Aug 31, 2023
perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass... Critical Unreviewed
CVE-2019-1010161 was published May 24, 2022
Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow... Critical Unreviewed
CVE-2019-1010263 was published May 24, 2022
The cryptographic code signing process and controls on ConnectWise Control through 22.9.10032 ... Critical Unreviewed
CVE-2023-25718 was published Feb 13, 2023
Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka... Critical Unreviewed
CVE-2023-44077 was published Jan 17, 2024
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a... Critical Unreviewed
CVE-2024-21917 was published Jan 31, 2024
An Improper Verification of Cryptographic Signature vulnerability in the update process of... Critical Unreviewed
CVE-2023-5347 was published Jan 9, 2024
The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature... Critical Unreviewed
CVE-2022-23334 was published Jan 30, 2023
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon... Critical Unreviewed
CVE-2017-18146 was published May 14, 2022
The installer for BitDefender GravityZone relies on an encoded string in a filename to determine... Critical Unreviewed
CVE-2018-8955 was published May 14, 2022
In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet... Critical Unreviewed
CVE-2018-5923 was published May 14, 2022
An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2.... Critical Unreviewed
CVE-2018-12356 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10... Critical Unreviewed
CVE-2017-2423 was published May 13, 2022
GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the... Critical Unreviewed
CVE-2017-3198 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database