GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,473

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

387 advisories

Filter by severity

Sort by

Least recently updated

A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed... Moderate Unreviewed

CVE-2020-8133 was published May 24, 2022

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC... Moderate Unreviewed

CVE-2020-11488 was published May 24, 2022

Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier)... Low Unreviewed

CVE-2020-24439 was published May 24, 2022

Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via... High Unreviewed

CVE-2020-26122 was published May 24, 2022

An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. This OS requires... High Unreviewed

CVE-2020-28045 was published May 24, 2022

The Portable Document Format (PDF) specification does not provide any information regarding the... Moderate Unreviewed

CVE-2018-18689 was published May 24, 2022

Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082... Critical Unreviewed

CVE-2020-27540 was published May 24, 2022

Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without... Moderate Unreviewed

CVE-2020-29438 was published May 24, 2022

Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when... Moderate Unreviewed

CVE-2021-1244 was published May 24, 2022

Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when... Moderate Unreviewed

CVE-2021-1136 was published May 24, 2022

Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without... High Unreviewed

CVE-2020-23967 was published May 24, 2022

Possible authentication bypass due to improper order of signature verification and hashing in the... Moderate Unreviewed

CVE-2021-35113 was published Sep 3, 2022

An improper verification of cryptographic signature vulnerability exists in the Palo Alto... Critical Unreviewed

CVE-2021-3033 was published May 24, 2022

A vulnerability in the software image verification functionality of Cisco IOS XE Software for the... High Unreviewed

CVE-2021-1453 was published May 24, 2022

Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper Verification of... High Unreviewed

CVE-2020-36284 was published May 24, 2022

The Portable Document Format (PDF) specification does not provide any information regarding the... Moderate Unreviewed

CVE-2018-18688 was published May 24, 2022

Possible authentication bypass due to improper order of signature verification and hashing in the... Moderate Unreviewed

CVE-2021-35097 was published Sep 3, 2022

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco... High Unreviewed

CVE-2021-1375 was published May 24, 2022

Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Improper Verification of... High Unreviewed

CVE-2020-36285 was published May 24, 2022

SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any... High Unreviewed

CVE-2021-33054 was published May 24, 2022

A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This... High Unreviewed

CVE-2021-3445 was published May 24, 2022

IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and... Critical Unreviewed

CVE-2021-20487 was published May 24, 2022

Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX)... High Unreviewed

CVE-2021-22734 was published May 24, 2022

Improper Verification of Cryptographic Signature in Apache Pulsar in TensorFlow Critical

CVE-2021-22160 was published for org.apache.pulsar:pulsar (Maven) Jun 1, 2021

Inadequate Encryption Strength in showdoc Moderate

CVE-2021-3680 was published for showdoc/showdoc (Composer) Sep 1, 2021

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

387 advisories