Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

102 advisories

Loading
ABB is aware of privately reported vulnerabilities in the product versions referenced in this CVE... Moderate Unreviewed
CVE-2024-8036 was published Oct 25, 2024
Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2024-23960 was published Sep 28, 2024
An Improper Validation of signature in Zscaler Client Connector on Windows allows an... Moderate Unreviewed
CVE-2023-28806 was published Aug 6, 2024
The Zscaler Updater process does not validate the digital signature of the installer before... Moderate Unreviewed
CVE-2024-23460 was published Aug 6, 2024
An issue was discovered in filestash v0.4. The usage of the ssh.InsecureIgnoreHostKey() disables... Moderate Unreviewed
CVE-2024-41258 was published Jul 31, 2024
An issue was discovered in litestream v0.3.13. The usage of the ssh.InsecureIgnoreHostKey()... Moderate Unreviewed
CVE-2024-41254 was published Jul 31, 2024
An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to... Moderate Unreviewed
CVE-2024-5912 was published Jul 10, 2024
Improper verification of signature in FilterProvider prior to SMR Jul-2024 Release 1 allows local... Moderate Unreviewed
CVE-2024-20892 was published Jul 2, 2024
Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for... Moderate Unreviewed
CVE-2024-27244 was published May 15, 2024
Improper privilege management in the installer for Zoom Desktop Client for Windows before version... Moderate Unreviewed
CVE-2024-24694 was published Apr 9, 2024
Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5... Moderate Unreviewed
CVE-2024-27247 was published Apr 9, 2024
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification... Moderate Unreviewed
CVE-2024-2307 was published Mar 19, 2024
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate... Moderate Unreviewed
CVE-2024-0567 was published Jan 16, 2024
A vulnerability exists in the Relion update package signature validation. A tampered update... Moderate Unreviewed
CVE-2022-3864 was published Jan 4, 2024
Some Honor products are affected by signature management vulnerability, successful exploitation... Moderate Unreviewed
CVE-2023-23435 was published Dec 29, 2023
Some Honor products are affected by signature management vulnerability, successful exploitation... Moderate Unreviewed
CVE-2023-23433 was published Dec 29, 2023
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated... Moderate Unreviewed
CVE-2023-49646 was published Dec 14, 2023
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an... Moderate Unreviewed
CVE-2023-20568 was published Nov 14, 2023
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an... Moderate Unreviewed
CVE-2023-20567 was published Nov 14, 2023
An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on... Moderate Unreviewed
CVE-2023-28804 was published Oct 23, 2023
Improper verification of applications' cryptographic signatures in the /e/OS app store client App... Moderate Unreviewed
CVE-2021-43171 was published Aug 22, 2023
Incorrect signature verification of the firmware during the Device Firmware Update process of... Moderate Unreviewed
CVE-2023-33768 was published Jul 13, 2023
An issue was discovered in Veritas NetBackup IT Analytics 11 before 11.2.0. The application... Moderate Unreviewed
CVE-2023-28818 was published Mar 24, 2023
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all... Moderate Unreviewed
CVE-2021-43074 was published Feb 16, 2023
An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted... Moderate Unreviewed
CVE-2022-47549 was published Dec 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database