Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

189 advisories

Loading
Laravel Reverb Missing API Signature Verification High
CVE-2024-50347 was published for laravel/reverb (Composer) Oct 31, 2024
RobertBoes
Agent Dart is missing certificate verification checks High
CVE-2024-48915 was published for agent_dart (Pub) Oct 15, 2024
AlexV525
Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak High
GHSA-xgfv-xpx8-qhcr was published for org.keycloak:keycloak-saml-core (Maven) Oct 14, 2024
Hyperledger Indy's update process of a DID does not check who signs the request High
CVE-2020-11093 was published for indy-node (pip) Aug 30, 2024
alexandredeleze
Signature forgery in Spring Boot's Loader High
CVE-2024-38807 was published for org.springframework.boot:spring-boot-loader (Maven) Aug 23, 2024
Windows Enroll Engine Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-38069 was published Jul 9, 2024
Authlib has algorithm confusion with asymmetric public keys High
CVE-2024-37568 was published for authlib (pip) Jun 9, 2024
Grafana Plugin signature bypass High
CVE-2022-31123 was published for github.com/grafana/grafana (Go) May 14, 2024
Secure Boot Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-26194 was published Apr 9, 2024
google-oauth-java-client improperly verifies cryptographic signature High
CVE-2021-22573 was published for com.google.oauth-client:google-oauth-client (Maven) Apr 9, 2024
TimurSadykov
ProTip! Advisories are also available from the GraphQL API