Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

387 advisories

Loading
A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local... High Unreviewed
CVE-2021-31841 was published May 24, 2022
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to... High Unreviewed
CVE-2021-31847 was published May 24, 2022
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS)... High Unreviewed
CVE-2021-34708 was published May 24, 2022
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS)... Moderate Unreviewed
CVE-2021-34709 was published May 24, 2022
An issue in code signature validation was addressed with improved checks. This issue is fixed in... High Unreviewed
CVE-2021-1849 was published May 24, 2022
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML... High Unreviewed
CVE-2021-3051 was published May 24, 2022
In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based ... High Unreviewed
CVE-2021-34433 was published May 24, 2022
A vulnerability in the image verification function of Cisco Expressway Series and Cisco... High Unreviewed
CVE-2021-34715 was published May 24, 2022
Dell Command Update, Dell Update, and Alienware Update versions prior to 4.3 contains a Improper... High Unreviewed
CVE-2021-36277 was published May 24, 2022
A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus... Critical Unreviewed
CVE-2021-37160 was published May 24, 2022
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City ... High Unreviewed
CVE-2021-22708 was published May 24, 2022
kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID... High Unreviewed
CVE-2021-35039 was published May 24, 2022
Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self... Moderate Unreviewed
CVE-2021-23992 was published May 24, 2022
An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0... High Unreviewed
CVE-2021-3196 was published May 24, 2022
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. High Unreviewed
CVE-2021-28091 was published May 24, 2022
SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any... High Unreviewed
CVE-2021-33054 was published May 24, 2022
IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and... Critical Unreviewed
CVE-2021-20487 was published May 24, 2022
Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX)... High Unreviewed
CVE-2021-22735 was published May 24, 2022
Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX)... High Unreviewed
CVE-2021-22734 was published May 24, 2022
A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who... Moderate Unreviewed
CVE-2021-3421 was published May 24, 2022
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This... High Unreviewed
CVE-2021-3445 was published May 24, 2022
Union Pay up to 1.2.0, for web based versions contains a CWE-347: Improper Verification of... High Unreviewed
CVE-2020-23533 was published May 24, 2022
Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper Verification of... High Unreviewed
CVE-2020-36284 was published May 24, 2022
Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Improper Verification of... High Unreviewed
CVE-2020-36285 was published May 24, 2022
A vulnerability in the software image verification functionality of Cisco IOS XE Software for the... High Unreviewed
CVE-2021-1453 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API