GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
121 advisories
A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected...
Moderate | Unreviewed | CVE-2025-23364 was published Jul 8, 2025

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with...
Moderate | Unreviewed | CVE-2024-36347 was published Jun 28, 2025

Improper verification of cryptographic signature in App Control for Business (WDAC) allows an...
Moderate | Unreviewed | CVE-2025-33069 was published Jun 10, 2025

A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series...
Moderate | Unreviewed | CVE-2025-20181 was published May 7, 2025

CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution...
Moderate | Unreviewed | CVE-2025-2763 was published Apr 23, 2025

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures...
Moderate | Unreviewed | CVE-2025-43903 was published Apr 18, 2025

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could...
Moderate | Unreviewed | CVE-2025-20178 was published Apr 16, 2025

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter...
Moderate | Unreviewed | CVE-2025-31335 was published Mar 28, 2025

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local...
Moderate | Unreviewed | CVE-2025-20143 was published Mar 12, 2025

An improper verification of cryptographic signature vulnerability was identified in GitHub...
Moderate | Unreviewed | CVE-2025-23369 was published Jan 21, 2025

Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned...
Moderate | Unreviewed | CVE-2024-7344 was published Jan 14, 2025

The application failed to account for exceptions thrown by the `loadManifestFromFile` method...
Moderate | Unreviewed | CVE-2024-11696 was published Nov 26, 2024

A vulnerability in the Image Signature Verification feature of Cisco SD-WAN Software could...
Moderate | Unreviewed | CVE-2021-1461 was published Nov 18, 2024

In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing...
Moderate | Unreviewed | CVE-2024-49394 was published Nov 12, 2024

ABB is aware of privately reported vulnerabilities in the product versions referenced in this CVE...
Moderate | Unreviewed | CVE-2024-8036 was published Oct 25, 2024

Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability. This vulnerability...
Moderate | Unreviewed | CVE-2024-23960 was published Sep 28, 2024

The Zscaler Updater process does not validate the digital signature of the installer before...
Moderate | Unreviewed | CVE-2024-23460 was published Aug 6, 2024

An Improper Validation of signature in Zscaler Client Connector on Windows allows an...
Moderate | Unreviewed | CVE-2023-28806 was published Aug 6, 2024

An issue was discovered in filestash v0.4. The usage of the ssh.InsecureIgnoreHostKey() disables...
Moderate | Unreviewed | CVE-2024-41258 was published Jul 31, 2024

An issue was discovered in litestream v0.3.13. The usage of the ssh.InsecureIgnoreHostKey()...
Moderate | Unreviewed | CVE-2024-41254 was published Jul 31, 2024

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to...
Moderate | Unreviewed | CVE-2024-5912 was published Jul 10, 2024

Improper verification of signature in FilterProvider prior to SMR Jul-2024 Release 1 allows local...
Moderate | Unreviewed | CVE-2024-20892 was published Jul 2, 2024

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.7.0.9 and 11.8.0.5 are...
Moderate | Unreviewed | CVE-2024-21988 was published Jun 15, 2024

Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for...
Moderate | Unreviewed | CVE-2024-27244 was published May 15, 2024

Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5...
Moderate | Unreviewed | CVE-2024-27247 was published Apr 9, 2024