Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

189 advisories

Loading
Gentoo Portage missing PGP validation of executed code High
CVE-2016-20021 was published for portage (pip) Jan 12, 2024
Some Honor products are affected by signature management vulnerability, successful exploitation... High Unreviewed
CVE-2023-23436 was published Dec 29, 2023
Some Honor products are affected by signature management vulnerability, successful exploitation... High Unreviewed
CVE-2023-23432 was published Dec 29, 2023
Some Honor products are affected by signature management vulnerability, successful exploitation... High Unreviewed
CVE-2023-23431 was published Dec 29, 2023
Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution... High Unreviewed
CVE-2023-5747 was published Nov 13, 2023
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has... High Unreviewed
CVE-2023-34058 was published Oct 27, 2023
browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attack High
CVE-2023-46234 was published for browserify-sign (npm) Oct 26, 2023
roadicing ljharb
katzj
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on... High Unreviewed
CVE-2023-28796 was published Oct 23, 2023
free5GC udm vulnerable to Invalid Curve Attack High
CVE-2023-46324 was published for github.com/free5gc/udm (Go) Oct 23, 2023
The Texas Instruments OMAP L138 (secure variants) trusted execution environment (TEE) performs an... High Unreviewed
CVE-2022-25333 was published Oct 19, 2023
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating... High Unreviewed
CVE-2023-43611 was published Oct 10, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile... High Unreviewed
CVE-2023-40727 was published Sep 14, 2023
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated,... High Unreviewed
CVE-2023-20236 was published Sep 13, 2023
A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated,... High Unreviewed
CVE-2023-20135 was published Sep 13, 2023
Local privilege escalation due to unrestricted loading of unsigned libraries. The following... High Unreviewed
CVE-2023-41744 was published Aug 31, 2023
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM),... High Unreviewed
CVE-2023-20266 was published Aug 30, 2023
Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site... High Unreviewed
CVE-2023-23772 was published Aug 29, 2023
Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio... High Unreviewed
CVE-2023-23773 was published Aug 29, 2023
Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation... High Unreviewed
CVE-2023-39393 was published Aug 13, 2023
Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this... High Unreviewed
CVE-2023-39392 was published Aug 13, 2023
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows... High Unreviewed
CVE-2023-39211 was published Aug 9, 2023
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating... High Unreviewed
CVE-2023-38418 was published Aug 2, 2023
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic... High Unreviewed
CVE-2023-32449 was published Jun 22, 2023
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for... High Unreviewed
CVE-2023-34120 was published Jun 13, 2023
Zoom for Windows clients prior to 5.13.5 contain an improper verification of cryptographic... High Unreviewed
CVE-2023-28602 was published Jun 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database