GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,733
Composer 4,238
Erlang 31
GitHub Actions 21
Go 2,005
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,738

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

271 advisories

Filter by severity

Sort by

Least recently updated

Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the... Moderate Unreviewed

CVE-2019-5592 was published May 24, 2022

Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature... High Unreviewed

CVE-2019-5299 was published May 24, 2022

cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement... Moderate Unreviewed

CVE-2017-18407 was published May 24, 2022

perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass... Critical Unreviewed

CVE-2019-1010161 was published May 24, 2022

Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of... High Unreviewed

CVE-2019-1010279 was published May 24, 2022

Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow... Critical Unreviewed

CVE-2019-1010263 was published May 24, 2022

Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client... Moderate Unreviewed

CVE-2019-9149 was published May 24, 2022

It was found that Spacewalk, all versions through 2.8, did not safely compute client token... Moderate Unreviewed

CVE-2019-10136 was published May 24, 2022

There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160,... Moderate Unreviewed

CVE-2019-5300 was published May 24, 2022

Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can... High Unreviewed

CVE-2019-12269 was published May 24, 2022

The signature verification routine in the Airmail GPG-PGP Plugin, versions 1.0 (9) and earlier,... Moderate Unreviewed

CVE-2019-8338 was published May 24, 2022

A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco... Moderate Unreviewed

CVE-2019-1810 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed

CVE-2019-1813 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... Moderate Unreviewed

CVE-2019-1809 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed

CVE-2019-1811 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed

CVE-2019-1812 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... Moderate Unreviewed

CVE-2019-1808 was published May 24, 2022

The signature verification routine in install.sh in yarnpkg/website through 2018-06-05 only... Moderate Unreviewed

CVE-2018-12556 was published May 24, 2022

A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and... High Unreviewed

CVE-2019-1728 was published May 24, 2022

A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird... Moderate Unreviewed

CVE-2018-18509 was published May 24, 2022

redhat-upgrade-tool: Does not check GPG signatures when upgrading versions High Unreviewed

CVE-2014-3585 was published May 17, 2022

Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java)... Moderate Unreviewed

CVE-2017-10669 was published May 17, 2022

A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux... High Unreviewed

CVE-2014-9934 was published May 17, 2022

Improper verification of cryptographic signature vulnerability in Intel Security VirusScan... Moderate Unreviewed

CVE-2016-8021 was published May 17, 2022

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic... Moderate Unreviewed

CVE-2017-8190 was published May 17, 2022

Previous 1 2 … 6 7 8 9 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

271 advisories