GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,640
Composer 4,231
Erlang 31
GitHub Actions 20
Go 1,991
Maven 5,178
npm 3,709
NuGet 661
pip 3,341
Pub 11
RubyGems 884
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 234,624

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

269 advisories

Filter by severity

Sort by

Least recently updated

The tested version of Dominion Voting Systems ImageCast X does not validate application... High Unreviewed

CVE-2022-1739 was published Jun 25, 2022

This issue was addressed by verifying host keys when connecting to a previously-known SSH server.... Moderate Unreviewed

CVE-2019-8901 was published May 24, 2022

Improper verification of cryptographic signature in the installer for some Intel(R) Wireless... Moderate Unreviewed

CVE-2021-0152 was published May 24, 2022

The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify... High Unreviewed

CVE-2021-34420 was published May 24, 2022

Lack of email address ownership verification in the CODEOWNERS feature in all versions of GitLab... Moderate Unreviewed

CVE-2021-39909 was published May 24, 2022

There is a signature management vulnerability in some huawei products. An attacker can forge... High Unreviewed

CVE-2021-37127 was published May 24, 2022

It is possible for an attacker to manipulate signed documents and macros to appear to come from a... High Unreviewed

CVE-2021-41830 was published May 24, 2022

It is possible for an attacker to manipulate the timestamp of signed documents. All versions of... Moderate Unreviewed

CVE-2021-41831 was published May 24, 2022

It is possible for an attacker to manipulate documents to appear to be signed by a trusted source... High Unreviewed

CVE-2021-41832 was published May 24, 2022

There is an privilege escalation vulnerability in organization-specific logins in Esri Portal for... High Unreviewed

CVE-2021-29108 was published May 24, 2022

A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local... High Unreviewed

CVE-2021-31841 was published May 24, 2022

Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to... High Unreviewed

CVE-2021-31847 was published May 24, 2022

Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS)... High Unreviewed

CVE-2021-34708 was published May 24, 2022

Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS)... Moderate Unreviewed

CVE-2021-34709 was published May 24, 2022

An issue in code signature validation was addressed with improved checks. This issue is fixed in... High Unreviewed

CVE-2021-1849 was published May 24, 2022

An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML... High Unreviewed

CVE-2021-3051 was published May 24, 2022

In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based ... High Unreviewed

CVE-2021-34433 was published May 24, 2022

A vulnerability in the image verification function of Cisco Expressway Series and Cisco... High Unreviewed

CVE-2021-34715 was published May 24, 2022

Dell Command Update, Dell Update, and Alienware Update versions prior to 4.3 contains a Improper... High Unreviewed

CVE-2021-36277 was published May 24, 2022

A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus... Critical Unreviewed

CVE-2021-37160 was published May 24, 2022

A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City ... High Unreviewed

CVE-2021-22708 was published May 24, 2022

kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID... High Unreviewed

CVE-2021-35039 was published May 24, 2022

Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self... Moderate Unreviewed

CVE-2021-23992 was published May 24, 2022

An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0... High Unreviewed

CVE-2021-3196 was published May 24, 2022

Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. High Unreviewed

CVE-2021-28091 was published May 24, 2022

Previous 1 2 3 4 5 6 7 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

269 advisories