Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,944
Erlang
29
GitHub Actions
16
Go
1,728
Maven
4,953
npm
3,486
NuGet
605
pip
3,053
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

235 advisories

Improper Verification of Cryptographic Signature vulnerability in HYPR Passwordless on Windows... Unknown Unreviewed
CVE-2024-1721 was published May 21, 2024
Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege... High Unreviewed
CVE-2023-50228 was published May 3, 2024
A fallback mechanism in code sign checking on macOS may allow arbitrary code execution. This... High Unreviewed
CVE-2024-23480 was published May 1, 2024
Secure Boot Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-26194 was published Apr 9, 2024
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification... Moderate Unreviewed
CVE-2024-2307 was published Mar 19, 2024
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent... High Unreviewed
CVE-2024-1149 was published Feb 8, 2024
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent... High Unreviewed
CVE-2024-1150 was published Feb 8, 2024
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a... Critical Unreviewed
CVE-2024-21917 was published Jan 31, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Low Unreviewed
CVE-2024-21383 was published Jan 26, 2024
Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka... Critical Unreviewed
CVE-2023-44077 was published Jan 17, 2024
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate... Moderate Unreviewed
CVE-2024-0567 was published Jan 16, 2024
In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone... Critical Unreviewed
CVE-2016-20021 was published Jan 12, 2024
An Improper Verification of Cryptographic Signature vulnerability in the update process of... Critical Unreviewed
CVE-2023-5347 was published Jan 9, 2024
A vulnerability exists in the Relion update package signature validation. A tampered update... Moderate Unreviewed
CVE-2022-3864 was published Jan 4, 2024
Some Honor products are affected by signature management vulnerability, successful exploitation... High Unreviewed
CVE-2023-23436 was published Dec 29, 2023
Some Honor products are affected by signature management vulnerability, successful exploitation... High Unreviewed
CVE-2023-23432 was published Dec 29, 2023
Some Honor products are affected by signature management vulnerability, successful exploitation... Moderate Unreviewed
CVE-2023-23433 was published Dec 29, 2023
Some Honor products are affected by signature management vulnerability, successful exploitation... Moderate Unreviewed
CVE-2023-23435 was published Dec 29, 2023
Some Honor products are affected by signature management vulnerability, successful exploitation... High Unreviewed
CVE-2023-23431 was published Dec 29, 2023
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an... Moderate Unreviewed
CVE-2023-20568 was published Nov 14, 2023
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an... Moderate Unreviewed
CVE-2023-20567 was published Nov 14, 2023
Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution... High Unreviewed
CVE-2023-5747 was published Nov 13, 2023
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has... High Unreviewed
CVE-2023-34058 was published Oct 27, 2023
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on... High Unreviewed
CVE-2023-28796 was published Oct 23, 2023
An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on... Moderate Unreviewed
CVE-2023-28804 was published Oct 23, 2023
ProTip! Advisories are also available from the GraphQL API