Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

407 advisories

Loading
Improper verification of cryptographic signature during installation of a VPN driver via the... High Unreviewed
CVE-2024-7479 was published Sep 25, 2024
Improper verification of cryptographic signature during installation of a Printer driver via the... High Unreviewed
CVE-2024-7481 was published Sep 25, 2024
OpenStack Keystone does not check signature TTL of the EC2 credential auth method Moderate
CVE-2020-12692 was published for keystone (pip) May 24, 2022
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows... High Unreviewed
CVE-2023-39211 was published Aug 9, 2023
Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2024-23960 was published Sep 28, 2024
An XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when... Critical Unreviewed
CVE-2024-6800 was published Aug 20, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16... Low Unreviewed
CVE-2023-2030 was published Jan 12, 2024
SimpleGeo python-oauth2 does not check the nonce allowing replay attacks High
CVE-2013-4346 was published for oauth2 (pip) May 17, 2022
Multiple cryptographic issues in Python oic High
CVE-2020-26244 was published for oic (pip) Dec 4, 2020
F3r0C17Y mladevbb
CheariX
OpenZeppelin Contracts contains Improper Verification of Cryptographic Signature Moderate
CVE-2023-23940 was published for openzeppelin-cairo-contracts (pip) Feb 2, 2023
An improper verification of cryptographic signature vulnerability was identified in GitHub... Critical Unreviewed
CVE-2024-9487 was published Oct 11, 2024
CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could... High Unreviewed
CVE-2024-8531 was published Oct 11, 2024
SSOReady has an XML Signature Bypass via differential XML parsing Critical
CVE-2024-47832 was published for github.com/ssoready/ssoready (Go) Oct 11, 2024
ahacker1-securesaml
Improper Verification of Cryptographic Signature in PySAML2 Moderate
CVE-2021-21239 was published for pysaml2 (pip) Jan 21, 2021
bawolff
SAML XML Signature wrapping in PySAML2 Moderate
CVE-2021-21238 was published for pysaml2 (pip) Jan 21, 2021
VictorSG
Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak High
GHSA-xgfv-xpx8-qhcr was published for org.keycloak:keycloak-saml-core (Maven) Oct 14, 2024
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III... Unknown Unreviewed
CVE-2024-47943 was published Oct 15, 2024
Elliptic's verify function omits uniqueness validation Low
CVE-2024-48949 was published for elliptic (npm) Oct 10, 2024
Markus-MS
Agent Dart is missing certificate verification checks High
CVE-2024-48915 was published for agent_dart (Pub) Oct 15, 2024
AlexV525
svix vulnerable to Authentication Bypass Moderate
CVE-2024-21491 was published for svix (Rust) Feb 13, 2024
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on... High Unreviewed
CVE-2023-28796 was published Oct 23, 2023
Python RSA allows attackers to spoof signatures Moderate
CVE-2016-1494 was published for rsa (pip) May 14, 2022
Improper Verification of Cryptographic Signature in PySAML2 High
CVE-2020-5390 was published for pysaml2 (pip) May 6, 2020
Improper Verification of Cryptographic Signature in starkbank-ecdsa Critical
CVE-2021-43572 was published for starkbank-ecdsa (pip) Nov 10, 2021
SaltStack Improper Verification of Cryptographic Signature High
CVE-2022-22934 was published for salt (pip) Mar 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database