GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
271 advisories
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
High
Unreviewed
CVE-2021-28091 was published May 24, 2022
SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any...
High
Unreviewed
CVE-2021-33054 was published May 24, 2022
IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and...
Critical
Unreviewed
CVE-2021-20487 was published May 24, 2022
Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX)...
High
Unreviewed
CVE-2021-22734 was published May 24, 2022
Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX)...
High
Unreviewed
CVE-2021-22735 was published May 24, 2022
A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who...
Moderate
Unreviewed
CVE-2021-3421 was published May 24, 2022
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This...
High
Unreviewed
CVE-2021-3445 was published May 24, 2022
Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Improper Verification of...
High
Unreviewed
CVE-2020-36285 was published May 24, 2022
Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper Verification of...
High
Unreviewed
CVE-2020-36284 was published May 24, 2022
Union Pay up to 1.2.0, for web based versions contains a CWE-347: Improper Verification of...
High
Unreviewed
CVE-2020-23533 was published May 24, 2022
A vulnerability in the software image verification functionality of Cisco IOS XE Software for the...
High
Unreviewed
CVE-2021-1453 was published May 24, 2022
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco...
High
Unreviewed
CVE-2021-1375 was published May 24, 2022
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco...
High
Unreviewed
CVE-2021-1376 was published May 24, 2022
Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without...
High
Unreviewed
CVE-2020-23967 was published May 24, 2022
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure...
High
Unreviewed
CVE-2021-1366 was published May 24, 2022
An improper verification of cryptographic signature vulnerability exists in the Palo Alto...
Critical
Unreviewed
CVE-2021-3033 was published May 24, 2022
SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who...
Moderate
Unreviewed
CVE-2021-21474 was published May 24, 2022
Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when...
Moderate
Unreviewed
CVE-2021-1244 was published May 24, 2022
Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when...
Moderate
Unreviewed
CVE-2021-1136 was published May 24, 2022
Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082...
Critical
Unreviewed
CVE-2020-27540 was published May 24, 2022
The Portable Document Format (PDF) specification does not provide any information regarding the...
Moderate
Unreviewed
CVE-2018-18689 was published May 24, 2022
The Portable Document Format (PDF) specification does not provide any information regarding the...
Moderate
Unreviewed
CVE-2018-18688 was published May 24, 2022
Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via...
High
Unreviewed
CVE-2020-26122 was published May 24, 2022
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without...
Moderate
Unreviewed
CVE-2020-29438 was published May 24, 2022
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed...
Moderate
Unreviewed
CVE-2020-8133 was published May 24, 2022