GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,944
Erlang
29
GitHub Actions
16
Go
1,728
Maven
4,953
npm
3,486
NuGet
605
pip
3,053
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
235 advisories
Filter by severity
Improper Verification of Cryptographic Signature vulnerability in HYPR Passwordless on Windows...
Unknown
Unreviewed
CVE-2024-1721
was published
May 21, 2024
Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege...
High
Unreviewed
CVE-2023-50228
was published
May 3, 2024
A fallback mechanism in code sign checking on macOS may allow arbitrary code execution. This...
High
Unreviewed
CVE-2024-23480
was published
May 1, 2024
Secure Boot Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-26194
was published
Apr 9, 2024
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification...
Moderate
Unreviewed
CVE-2024-2307
was published
Mar 19, 2024
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent...
High
Unreviewed
CVE-2024-1149
was published
Feb 8, 2024
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent...
High
Unreviewed
CVE-2024-1150
was published
Feb 8, 2024
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a...
Critical
Unreviewed
CVE-2024-21917
was published
Jan 31, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Low
Unreviewed
CVE-2024-21383
was published
Jan 26, 2024
Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka...
Critical
Unreviewed
CVE-2023-44077
was published
Jan 17, 2024
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate...
Moderate
Unreviewed
CVE-2024-0567
was published
Jan 16, 2024
In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone...
Critical
Unreviewed
CVE-2016-20021
was published
Jan 12, 2024
An Improper Verification of Cryptographic Signature vulnerability in the update process of...
Critical
Unreviewed
CVE-2023-5347
was published
Jan 9, 2024
A vulnerability exists in the Relion update package signature validation. A tampered update...
Moderate
Unreviewed
CVE-2022-3864
was published
Jan 4, 2024
Some Honor products are affected by signature management vulnerability, successful exploitation...
High
Unreviewed
CVE-2023-23436
was published
Dec 29, 2023
Some Honor products are affected by signature management vulnerability, successful exploitation...
High
Unreviewed
CVE-2023-23432
was published
Dec 29, 2023
Some Honor products are affected by signature management vulnerability, successful exploitation...
Moderate
Unreviewed
CVE-2023-23433
was published
Dec 29, 2023
Some Honor products are affected by signature management vulnerability, successful exploitation...
Moderate
Unreviewed
CVE-2023-23435
was published
Dec 29, 2023
Some Honor products are affected by signature management vulnerability, successful exploitation...
High
Unreviewed
CVE-2023-23431
was published
Dec 29, 2023
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an...
Moderate
Unreviewed
CVE-2023-20568
was published
Nov 14, 2023
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an...
Moderate
Unreviewed
CVE-2023-20567
was published
Nov 14, 2023
Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution...
High
Unreviewed
CVE-2023-5747
was published
Nov 13, 2023
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has...
High
Unreviewed
CVE-2023-34058
was published
Oct 27, 2023
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on...
High
Unreviewed
CVE-2023-28796
was published
Oct 23, 2023
An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on...
Moderate
Unreviewed
CVE-2023-28804
was published
Oct 23, 2023
ProTip!
Advisories are also available from the
GraphQL API