GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,080
Erlang
29
GitHub Actions
19
Go
1,908
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
256 advisories
Filter by severity
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and...
High
Unreviewed
CVE-2018-16151
was published
May 13, 2022
The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in...
Moderate
Unreviewed
CVE-2018-6459
was published
May 13, 2022
Google Chrome before 17.0.963.46 does not properly check signatures, which allows remote...
Moderate
Unreviewed
CVE-2011-3965
was published
May 13, 2022
The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25...
Moderate
Unreviewed
CVE-2014-1498
was published
May 13, 2022
HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers,...
Critical
Unreviewed
CVE-2019-6318
was published
May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue...
Moderate
Unreviewed
CVE-2018-4111
was published
May 13, 2022
A vulnerability has been identified in SIMATIC S7-400 (incl. F) V6 and below (All versions),...
High
Unreviewed
CVE-2018-16557
was published
May 13, 2022
Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal...
High
Unreviewed
CVE-2018-7340
was published
May 13, 2022
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019...
Moderate
Unreviewed
CVE-2018-16042
was published
May 13, 2022
Insufficient consistency checks in signature handling in the networking stack in Google Chrome...
Moderate
Unreviewed
CVE-2017-5066
was published
May 13, 2022
Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidityWithErrors() function...
Moderate
Unreviewed
CVE-2018-10470
was published
May 13, 2022
An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from...
High
Unreviewed
CVE-2018-3968
was published
May 13, 2022
A firmware update vulnerability exists in the iburn firmware checks functionality of InHand...
Moderate
Unreviewed
CVE-2022-26510
was published
May 13, 2022
Grandstream BudgeTone (BT) 100 Voice over IP (VoIP) phones do not properly check the Call-ID,...
Moderate
Unreviewed
CVE-2005-2182
was published
May 1, 2022
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag...
Moderate
Unreviewed
CVE-2005-2181
was published
May 1, 2022
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not...
Moderate
Unreviewed
CVE-2002-1796
was published
Apr 30, 2022
Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal...
Moderate
Unreviewed
CVE-2002-1706
was published
Apr 30, 2022
A Security Bypass vulnerability exists in Ubuntu Cobbler before 2,2,2 in the cobbler-ubuntu...
Moderate
Unreviewed
CVE-2012-2092
was published
Apr 23, 2022
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the...
Moderate
Unreviewed
CVE-2011-3374
was published
Apr 22, 2022
An improper verification of the cryptographic signature of firmware updates of the B. Braun...
High
Unreviewed
CVE-2020-25166
was published
Apr 15, 2022
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,...
High
Unreviewed
CVE-2021-30066
was published
Apr 5, 2022
AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies,...
High
Unreviewed
CVE-2021-32977
was published
Apr 5, 2022
Yubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used. When first...
High
Unreviewed
CVE-2015-3298
was published
Mar 31, 2022
STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse...
Moderate
Unreviewed
CVE-2021-43393
was published
Mar 5, 2022
STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain...
Moderate
Unreviewed
CVE-2021-43392
was published
Mar 5, 2022
ProTip!
Advisories are also available from the
GraphQL API