Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,692
Erlang
34
GitHub Actions
27
Go
2,279
Maven
5,000+
npm
3,931
NuGet
708
pip
3,699
Pub
12
RubyGems
919
Rust
957
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

152 advisories

Loading
Insufficient verification of multiple header signatures while loading a Trusted Application (TA)... High Unreviewed
CVE-2021-26391 was published Nov 10, 2022
Improper verification of cryptographic signature in Microsoft Azure Functions allows an... High Unreviewed
CVE-2025-33074 was published Apr 30, 2025
CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution... High Unreviewed
CVE-2025-2764 was published Apr 23, 2025
An issue was discovered in Enigmail before 1.9.9. In a variant of CVE-2017-17847, signature... High Unreviewed
CVE-2017-17848 was published May 14, 2022
An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI... High Unreviewed
CVE-2017-17847 was published May 14, 2022
The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in... High Unreviewed
CVE-2017-16853 was published May 14, 2022
shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth... High Unreviewed
CVE-2017-16852 was published May 14, 2022
The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and... High Unreviewed
CVE-2017-6445 was published May 13, 2022
MSI Center before 2.0.52.0 has Missing PE Signature Validation. High Unreviewed
CVE-2025-27813 was published Apr 10, 2025
Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass... High Unreviewed
CVE-2025-2233 was published Mar 12, 2025
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has... High Unreviewed
CVE-2023-34058 was published Oct 27, 2023
A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for... High Unreviewed
CVE-2025-20206 was published Mar 5, 2025
Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1... High Unreviewed
CVE-2024-49413 was published Dec 3, 2024
When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate... High Unreviewed
CVE-2020-2021 was published May 24, 2022
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A... High Unreviewed
CVE-2024-22461 was published Dec 13, 2024
Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and... High Unreviewed
CVE-2024-13172 was published Jan 14, 2025
Windows Cryptographic Services Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-26228 was published Apr 9, 2024
A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted... High Unreviewed
CVE-2024-41165 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially... High Unreviewed
CVE-2024-39804 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted... High Unreviewed
CVE-2024-43106 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094... High Unreviewed
CVE-2024-42004 was published Dec 19, 2024
A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of... High Unreviewed
CVE-2024-41138 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially... High Unreviewed
CVE-2024-42220 was published Dec 19, 2024
A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work... High Unreviewed
CVE-2024-41145 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially... High Unreviewed
CVE-2024-41159 was published Dec 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database