GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
415 advisories
Filter by severity
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM),...
High
Unreviewed
CVE-2023-20266
was published
Aug 30, 2023
Cleartext Signed Message Signature Spoofing in openpgp
Moderate
CVE-2023-41037
was published
for
openpgp
(npm)
Aug 29, 2023
Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site...
High
Unreviewed
CVE-2023-23772
was published
Aug 29, 2023
Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio...
High
Unreviewed
CVE-2023-23773
was published
Aug 29, 2023
Improper verification of applications' cryptographic signatures in the /e/OS app store client App...
Moderate
Unreviewed
CVE-2021-43171
was published
Aug 22, 2023
@node-saml/node-saml's validatePostRequestAsync does not include checkTimestampsValidityError
Moderate
CVE-2023-40178
was published
for
@node-saml/node-saml
(npm)
Aug 21, 2023
Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation...
High
Unreviewed
CVE-2023-39393
was published
Aug 13, 2023
Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this...
High
Unreviewed
CVE-2023-39392
was published
Aug 13, 2023
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows...
High
Unreviewed
CVE-2023-39211
was published
Aug 9, 2023
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating...
High
Unreviewed
CVE-2023-38418
was published
Aug 2, 2023
Incorrect signature verification of the firmware during the Device Firmware Update process of...
Moderate
Unreviewed
CVE-2023-33768
was published
Jul 13, 2023
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic...
High
Unreviewed
CVE-2023-32449
was published
Jun 22, 2023
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for...
High
Unreviewed
CVE-2023-34120
was published
Jun 13, 2023
Zoom for Windows clients prior to 5.13.5 contain an improper verification of cryptographic...
High
Unreviewed
CVE-2023-28602
was published
Jun 13, 2023
notation-go's verification bypass can cause users to verify the wrong artifact
High
CVE-2023-33959
was published
for
github.com/notaryproject/notation-go
(Go)
Jun 6, 2023
Signature validation bypass in github.com/moov-io/signedxml
Critical
CVE-2023-34205
was published
for
github.com/moov-io/signedxml
(Go)
May 30, 2023
Incorrect signature verification in django-ses
Low
CVE-2023-33185
was published
for
django-ses
(pip)
May 22, 2023
Local privilege escalation due to unrestricted loading of unsigned libraries. The following...
High
Unreviewed
CVE-2022-4418
was published
May 18, 2023
DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature...
High
Unreviewed
CVE-2023-25934
was published
May 4, 2023
NATS TLS certificate common name validation bypass
Moderate
GHSA-wvc4-j7g5-4f79
was published
for
nats
(Rust)
Mar 27, 2023
An issue was discovered in Veritas NetBackup IT Analytics 11 before 11.2.0. The application...
Moderate
Unreviewed
CVE-2023-28818
was published
Mar 24, 2023
russh may use insecure Diffie-Hellman keys
Moderate
CVE-2023-28113
was published
for
russh
(Rust)
Mar 17, 2023
In the Android operating system, there is a possible way to replace a boot partition due to...
High
Unreviewed
CVE-2023-20940
was published
Feb 28, 2023
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all...
Moderate
Unreviewed
CVE-2021-43074
was published
Feb 16, 2023
The cryptographic code signing process and controls on ConnectWise Control through 22.9.10032 ...
Critical
Unreviewed
CVE-2023-25718
was published
Feb 13, 2023
ProTip!
Advisories are also available from the
GraphQL API