GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
269 advisories
Filter by severity
The tested version of Dominion Voting Systems ImageCast X does not validate application...
High
Unreviewed
CVE-2022-1739
was published
Jun 25, 2022
This issue was addressed by verifying host keys when connecting to a previously-known SSH server....
Moderate
Unreviewed
CVE-2019-8901
was published
May 24, 2022
Improper verification of cryptographic signature in the installer for some Intel(R) Wireless...
Moderate
Unreviewed
CVE-2021-0152
was published
May 24, 2022
The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify...
High
Unreviewed
CVE-2021-34420
was published
May 24, 2022
Lack of email address ownership verification in the CODEOWNERS feature in all versions of GitLab...
Moderate
Unreviewed
CVE-2021-39909
was published
May 24, 2022
There is a signature management vulnerability in some huawei products. An attacker can forge...
High
Unreviewed
CVE-2021-37127
was published
May 24, 2022
It is possible for an attacker to manipulate signed documents and macros to appear to come from a...
High
Unreviewed
CVE-2021-41830
was published
May 24, 2022
It is possible for an attacker to manipulate the timestamp of signed documents. All versions of...
Moderate
Unreviewed
CVE-2021-41831
was published
May 24, 2022
It is possible for an attacker to manipulate documents to appear to be signed by a trusted source...
High
Unreviewed
CVE-2021-41832
was published
May 24, 2022
There is an privilege escalation vulnerability in organization-specific logins in Esri Portal for...
High
Unreviewed
CVE-2021-29108
was published
May 24, 2022
A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local...
High
Unreviewed
CVE-2021-31841
was published
May 24, 2022
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to...
High
Unreviewed
CVE-2021-31847
was published
May 24, 2022
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS)...
High
Unreviewed
CVE-2021-34708
was published
May 24, 2022
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS)...
Moderate
Unreviewed
CVE-2021-34709
was published
May 24, 2022
An issue in code signature validation was addressed with improved checks. This issue is fixed in...
High
Unreviewed
CVE-2021-1849
was published
May 24, 2022
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML...
High
Unreviewed
CVE-2021-3051
was published
May 24, 2022
In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based ...
High
Unreviewed
CVE-2021-34433
was published
May 24, 2022
A vulnerability in the image verification function of Cisco Expressway Series and Cisco...
High
Unreviewed
CVE-2021-34715
was published
May 24, 2022
Dell Command Update, Dell Update, and Alienware Update versions prior to 4.3 contains a Improper...
High
Unreviewed
CVE-2021-36277
was published
May 24, 2022
A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus...
Critical
Unreviewed
CVE-2021-37160
was published
May 24, 2022
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City ...
High
Unreviewed
CVE-2021-22708
was published
May 24, 2022
kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID...
High
Unreviewed
CVE-2021-35039
was published
May 24, 2022
Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self...
Moderate
Unreviewed
CVE-2021-23992
was published
May 24, 2022
An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0...
High
Unreviewed
CVE-2021-3196
was published
May 24, 2022
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
High
Unreviewed
CVE-2021-28091
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API