GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
429 advisories
Filter by severity
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC...
Moderate
Unreviewed
CVE-2020-11488
was published
May 24, 2022
Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier)...
Low
Unreviewed
CVE-2020-24439
was published
May 24, 2022
Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via...
High
Unreviewed
CVE-2020-26122
was published
May 24, 2022
An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. This OS requires...
High
Unreviewed
CVE-2020-28045
was published
May 24, 2022
Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082...
Critical
Unreviewed
CVE-2020-27540
was published
May 24, 2022
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without...
Moderate
Unreviewed
CVE-2020-29438
was published
May 24, 2022
Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when...
Moderate
Unreviewed
CVE-2021-1244
was published
May 24, 2022
Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when...
Moderate
Unreviewed
CVE-2021-1136
was published
May 24, 2022
Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without...
High
Unreviewed
CVE-2020-23967
was published
May 24, 2022
Possible authentication bypass due to improper order of signature verification and hashing in the...
Moderate
Unreviewed
CVE-2021-35113
was published
Sep 3, 2022
An improper verification of cryptographic signature vulnerability exists in the Palo Alto...
Critical
Unreviewed
CVE-2021-3033
was published
May 24, 2022
A vulnerability in the software image verification functionality of Cisco IOS XE Software for the...
High
Unreviewed
CVE-2021-1453
was published
May 24, 2022
Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper Verification of...
High
Unreviewed
CVE-2020-36284
was published
May 24, 2022
The Portable Document Format (PDF) specification does not provide any information regarding the...
Moderate
Unreviewed
CVE-2018-18688
was published
May 24, 2022
Possible authentication bypass due to improper order of signature verification and hashing in the...
Moderate
Unreviewed
CVE-2021-35097
was published
Sep 3, 2022
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco...
High
Unreviewed
CVE-2021-1375
was published
May 24, 2022
Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Improper Verification of...
High
Unreviewed
CVE-2020-36285
was published
May 24, 2022
SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any...
High
Unreviewed
CVE-2021-33054
was published
May 24, 2022
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This...
High
Unreviewed
CVE-2021-3445
was published
May 24, 2022
Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX)...
High
Unreviewed
CVE-2021-22734
was published
May 24, 2022
IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and...
Critical
Unreviewed
CVE-2021-20487
was published
May 24, 2022
Inadequate Encryption Strength in showdoc
Moderate
CVE-2021-3680
was published
for
showdoc/showdoc
(Composer)
Sep 1, 2021
Improper Verification of Cryptographic Signature in Apache Pulsar in TensorFlow
Critical
CVE-2021-22160
was published
for
org.apache.pulsar:pulsar
(Maven)
Jun 1, 2021
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
High
Unreviewed
CVE-2021-28091
was published
May 24, 2022
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco...
High
Unreviewed
CVE-2021-1376
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API