GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
415 advisories
Filter by severity
TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController
Moderate
CVE-2024-34358
was published
for
typo3/cms-core
(Composer)
May 14, 2024
Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege...
High
Unreviewed
CVE-2023-50228
was published
May 3, 2024
A fallback mechanism in code sign checking on macOS may allow arbitrary code execution. This...
High
Unreviewed
CVE-2024-23480
was published
May 1, 2024
xml-crypto vulnerable to XML signature verification bypass due improper verification of signature/signature spoofing
Critical
CVE-2024-32962
was published
for
xml-crypto
(npm)
May 1, 2024
Keycloak vulnerable to impersonation via logout token exchange
Low
CVE-2023-0657
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 17, 2024
Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5...
Moderate
Unreviewed
CVE-2024-27247
was published
Apr 9, 2024
Improper privilege management in the installer for Zoom Desktop Client for Windows before version...
Moderate
Unreviewed
CVE-2024-24694
was published
Apr 9, 2024
Secure Boot Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-26194
was published
Apr 9, 2024
google-oauth-java-client improperly verifies cryptographic signature
High
CVE-2021-22573
was published
for
com.google.oauth-client:google-oauth-client
(Maven)
Apr 9, 2024
An issue in D-Link COVR 1100, 1102, 1103 AC1200 Dual-Band Whole-Home Mesh Wi-Fi System (Hardware...
High
Unreviewed
CVE-2023-52043
was published
Apr 4, 2024
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification...
Moderate
Unreviewed
CVE-2024-2307
was published
Mar 19, 2024
svix vulnerable to Authentication Bypass
Moderate
CVE-2024-21491
was published
for
svix
(Rust)
Feb 13, 2024
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent...
High
Unreviewed
CVE-2024-1149
was published
Feb 8, 2024
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent...
High
Unreviewed
CVE-2024-1150
was published
Feb 8, 2024
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a...
Critical
Unreviewed
CVE-2024-21917
was published
Jan 31, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Low
Unreviewed
CVE-2024-21383
was published
Jan 26, 2024
Improper Verification of Cryptographic Signature in aws-encryption-sdk-java
Moderate
CVE-2024-23680
was published
for
com.amazonaws:aws-encryption-sdk-java
(Maven)
Jan 19, 2024
Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka...
Critical
Unreviewed
CVE-2023-44077
was published
Jan 17, 2024
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate...
Moderate
Unreviewed
CVE-2024-0567
was published
Jan 16, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16...
Low
Unreviewed
CVE-2023-2030
was published
Jan 12, 2024
Gentoo Portage missing PGP validation of executed code
High
CVE-2016-20021
was published
for
portage
(pip)
Jan 12, 2024
Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC
Critical
CVE-2024-21669
was published
for
aries-cloudagent
(pip)
Jan 9, 2024
An Improper Verification of Cryptographic Signature vulnerability in the update process of...
Critical
Unreviewed
CVE-2023-5347
was published
Jan 9, 2024
A vulnerability exists in the Relion update package signature validation. A tampered update...
Moderate
Unreviewed
CVE-2022-3864
was published
Jan 4, 2024
Some Honor products are affected by signature management vulnerability, successful exploitation...
High
Unreviewed
CVE-2023-23436
was published
Dec 29, 2023
ProTip!
Advisories are also available from the
GraphQL API