GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,960
Composer 4,279
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,421
Pub 12
RubyGems 891
Rust 873
Swift 36

Unreviewed advisories

All unreviewed 238,837

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

142 advisories

Filter by severity

Sort by

Least recently updated

The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a... High Unreviewed

CVE-2019-16992 was published May 24, 2022

A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer... High Unreviewed

CVE-2019-11755 was published May 24, 2022

A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated,... High Unreviewed

CVE-2019-12662 was published May 24, 2022

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an... High Unreviewed

CVE-2019-12649 was published May 24, 2022

Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature... High Unreviewed

CVE-2019-5299 was published May 24, 2022

Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of... High Unreviewed

CVE-2019-1010279 was published May 24, 2022

Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can... High Unreviewed

CVE-2019-12269 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed

CVE-2019-1813 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed

CVE-2019-1812 was published May 24, 2022

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow... High Unreviewed

CVE-2019-1811 was published May 24, 2022

A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and... High Unreviewed

CVE-2019-1728 was published May 24, 2022

redhat-upgrade-tool: Does not check GPG signatures when upgrading versions High Unreviewed

CVE-2014-3585 was published May 17, 2022

A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux... High Unreviewed

CVE-2014-9934 was published May 17, 2022

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to... High Unreviewed

CVE-2017-12331 was published May 17, 2022

The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in... High Unreviewed

CVE-2017-16853 was published May 14, 2022

shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth... High Unreviewed

CVE-2017-16852 was published May 14, 2022

An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI... High Unreviewed

CVE-2017-17847 was published May 14, 2022

Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and block... High Unreviewed

CVE-2018-3756 was published May 14, 2022

In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA... High Unreviewed

CVE-2018-15836 was published May 14, 2022

An issue was discovered in Enigmail before 1.9.9. In a variant of CVE-2017-17847, signature... High Unreviewed

CVE-2017-17848 was published May 14, 2022

The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control... High Unreviewed

CVE-2018-12019 was published May 14, 2022

The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows... High Unreviewed

CVE-2018-18653 was published May 13, 2022

An issue was discovered on Diqee Diqee360 devices. A firmware update process, integrated into the... High Unreviewed

CVE-2018-10988 was published May 13, 2022

The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and... High Unreviewed

CVE-2017-6445 was published May 13, 2022

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2... High Unreviewed

CVE-2017-11400 was published May 13, 2022

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

142 advisories