GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
262 advisories
Filter by severity
There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160,...
Moderate
Unreviewed
CVE-2019-5300
was published
May 24, 2022
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can...
High
Unreviewed
CVE-2019-12269
was published
May 24, 2022
The signature verification routine in the Airmail GPG-PGP Plugin, versions 1.0 (9) and earlier,...
Moderate
Unreviewed
CVE-2019-8338
was published
May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow...
High
Unreviewed
CVE-2019-1813
was published
May 24, 2022
A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco...
Moderate
Unreviewed
CVE-2019-1810
was published
May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow...
Moderate
Unreviewed
CVE-2019-1809
was published
May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow...
Moderate
Unreviewed
CVE-2019-1808
was published
May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow...
High
Unreviewed
CVE-2019-1812
was published
May 24, 2022
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow...
High
Unreviewed
CVE-2019-1811
was published
May 24, 2022
The signature verification routine in install.sh in yarnpkg/website through 2018-06-05 only...
Moderate
Unreviewed
CVE-2018-12556
was published
May 24, 2022
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and...
High
Unreviewed
CVE-2019-1728
was published
May 24, 2022
A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird...
Moderate
Unreviewed
CVE-2018-18509
was published
May 24, 2022
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions
High
Unreviewed
CVE-2014-3585
was published
May 17, 2022
Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java)...
Moderate
Unreviewed
CVE-2017-10669
was published
May 17, 2022
A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux...
High
Unreviewed
CVE-2014-9934
was published
May 17, 2022
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan...
Moderate
Unreviewed
CVE-2016-8021
was published
May 17, 2022
FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic...
Moderate
Unreviewed
CVE-2017-8190
was published
May 17, 2022
Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK...
Moderate
Unreviewed
CVE-2017-8177
was published
May 17, 2022
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to...
High
Unreviewed
CVE-2017-12331
was published
May 17, 2022
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to...
Moderate
Unreviewed
CVE-2017-12333
was published
May 17, 2022
The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in...
High
Unreviewed
CVE-2017-16853
was published
May 14, 2022
shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth...
High
Unreviewed
CVE-2017-16852
was published
May 14, 2022
An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI...
High
Unreviewed
CVE-2017-17847
was published
May 14, 2022
Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on...
Moderate
Unreviewed
CVE-2018-0486
was published
May 14, 2022
Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on...
Moderate
Unreviewed
CVE-2018-0489
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API