Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

189 advisories

Loading
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure... High Unreviewed
CVE-2021-1366 was published May 24, 2022
Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via... High Unreviewed
CVE-2020-26122 was published May 24, 2022
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017... High Unreviewed
CVE-2020-24429 was published May 24, 2022
An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. This OS requires... High Unreviewed
CVE-2020-28045 was published May 24, 2022
An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. Because the Hardened... High Unreviewed
CVE-2020-26540 was published May 24, 2022
NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the... High Unreviewed
CVE-2020-10126 was published May 24, 2022
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and... High Unreviewed
CVE-2020-10608 was published May 24, 2022
A vulnerability exists that could allow the execution of unauthorized code or operating system... High Unreviewed
CVE-2020-9047 was published May 24, 2022
A vulnerability in software image verification in Cisco IOS XE Software could allow an... High Unreviewed
CVE-2020-3209 was published May 24, 2022
Improper Verification of Cryptographic Signature in Apache Netbeans High
CVE-2019-17561 was published for org.codehaus.mevenide:netbeans (Maven) May 24, 2022
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in... High Unreviewed
CVE-2019-19962 was published May 24, 2022
Unencrypted HTTP communications for firmware upgrades in Petalk AI and PF-103 allow man-in-the... High Unreviewed
CVE-2019-16732 was published May 24, 2022
The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a... High Unreviewed
CVE-2019-16992 was published May 24, 2022
A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer... High Unreviewed
CVE-2019-11755 was published May 24, 2022
A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated,... High Unreviewed
CVE-2019-12662 was published May 24, 2022
A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an... High Unreviewed
CVE-2019-12649 was published May 24, 2022
Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature... High Unreviewed
CVE-2019-5299 was published May 24, 2022
Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of... High Unreviewed
CVE-2019-1010279 was published May 24, 2022
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can... High Unreviewed
CVE-2019-12269 was published May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed
CVE-2019-1813 was published May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed
CVE-2019-1811 was published May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed
CVE-2019-1812 was published May 24, 2022
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and... High Unreviewed
CVE-2019-1728 was published May 24, 2022
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions High Unreviewed
CVE-2014-3585 was published May 17, 2022
SimpleGeo python-oauth2 does not check the nonce allowing replay attacks High
CVE-2013-4346 was published for oauth2 (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database