GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,096
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,654
NuGet: 638
pip: 3,263
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
126 advisories
Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via...
High
Unreviewed
CVE-2020-26122 was published May 24, 2022
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017...
High
Unreviewed
CVE-2020-24429 was published May 24, 2022
An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. This OS requires...
High
Unreviewed
CVE-2020-28045 was published May 24, 2022
An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. Because the Hardened...
High
Unreviewed
CVE-2020-26540 was published May 24, 2022
NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate software updates for the...
High
Unreviewed
CVE-2020-10126 was published May 24, 2022
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and...
High
Unreviewed
CVE-2020-10608 was published May 24, 2022
A vulnerability exists that could allow the execution of unauthorized code or operating system...
High
Unreviewed
CVE-2020-9047 was published May 24, 2022
A vulnerability in software image verification in Cisco IOS XE Software could allow an...
High
Unreviewed
CVE-2020-3209 was published May 24, 2022
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in...
High
Unreviewed
CVE-2019-19962 was published May 24, 2022
Unencrypted HTTP communications for firmware upgrades in Petalk AI and PF-103 allow man-in-the...
High
Unreviewed
CVE-2019-16732 was published May 24, 2022
The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a...
High
Unreviewed
CVE-2019-16992 was published May 24, 2022
A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer...
High
Unreviewed
CVE-2019-11755 was published May 24, 2022
A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated,...
High
Unreviewed
CVE-2019-12662 was published May 24, 2022
A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an...
High
Unreviewed
CVE-2019-12649 was published May 24, 2022
Huawei mobile phones Hima-AL00B with versions earlier than HMA-AL00C00B175 have a signature...
High
Unreviewed
CVE-2019-5299 was published May 24, 2022
Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of...
High
Unreviewed
CVE-2019-1010279 was published May 24, 2022
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can...
High
Unreviewed
CVE-2019-12269 was published May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow...
High
Unreviewed
CVE-2019-1813 was published May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow...
High
Unreviewed
CVE-2019-1811 was published May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow...
High
Unreviewed
CVE-2019-1812 was published May 24, 2022
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and...
High
Unreviewed
CVE-2019-1728 was published May 24, 2022
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions
High
Unreviewed
CVE-2014-3585 was published May 17, 2022
A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux...
High
Unreviewed
CVE-2014-9934 was published May 17, 2022
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to...
High
Unreviewed
CVE-2017-12331 was published May 17, 2022
shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth...
High
Unreviewed
CVE-2017-16852 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.