Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

421 advisories

Loading
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A... High Unreviewed
CVE-2024-22461 was published Dec 13, 2024
This vulnerability exists in the TP-Link Archer C50 due to improper signature verification... High Unreviewed
CVE-2024-54126 was published Dec 5, 2024
Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of... High Unreviewed
CVE-2024-47476 was published Dec 3, 2024
A improper verification of cryptographic signature vulnerability in plugin management in iota C... Critical Unreviewed
CVE-2024-52958 was published Nov 27, 2024
sigstore-java has vulnerability with bundle verification Moderate
CVE-2024-53267 was published for dev.sigstore:sigstore-java (Maven) Nov 26, 2024
loosebazooka
The application failed to account for exceptions thrown by the `loadManifestFromFile` method... Moderate Unreviewed
CVE-2024-11696 was published Nov 26, 2024
A vulnerability in the Image Signature Verification feature of Cisco SD-WAN Software could... Moderate Unreviewed
CVE-2021-1461 was published Nov 18, 2024
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS... High Unreviewed
CVE-2024-40592 was published Nov 12, 2024
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which... High Unreviewed
CVE-2024-49393 was published Nov 12, 2024
In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing... Moderate Unreviewed
CVE-2024-49394 was published Nov 12, 2024
Permission control vulnerability in the hidebug module Impact: Successful exploitation of this... High Unreviewed
CVE-2024-51526 was published Nov 5, 2024
Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations Low
CVE-2024-51744 was published for github.com/golang-jwt/jwt/v4 (Go) Nov 4, 2024
yuligesec
Laravel Reverb Missing API Signature Verification High
CVE-2024-50347 was published for laravel/reverb (Composer) Oct 31, 2024
RobertBoes
ABB is aware of privately reported vulnerabilities in the product versions referenced in this CVE... Moderate Unreviewed
CVE-2024-8036 was published Oct 25, 2024
Agent Dart is missing certificate verification checks High
CVE-2024-48915 was published for agent_dart (Pub) Oct 15, 2024
AlexV525
Valid ECDSA signatures erroneously rejected in Elliptic Low
CVE-2024-48948 was published for elliptic (npm) Oct 15, 2024
martincostello IchordeDionysos
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III... Unknown Unreviewed
CVE-2024-47943 was published Oct 15, 2024
Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak High
GHSA-xgfv-xpx8-qhcr was published for org.keycloak:keycloak-saml-core (Maven) Oct 14, 2024
SSOReady has an XML Signature Bypass via differential XML parsing Critical
CVE-2024-47832 was published for github.com/ssoready/ssoready (Go) Oct 11, 2024
ahacker1-securesaml
CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could... High Unreviewed
CVE-2024-8531 was published Oct 11, 2024
An improper verification of cryptographic signature vulnerability was identified in GitHub... Critical Unreviewed
CVE-2024-9487 was published Oct 11, 2024
Elliptic's verify function omits uniqueness validation Low
CVE-2024-48949 was published for elliptic (npm) Oct 10, 2024
Markus-MS
Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2024-23960 was published Sep 28, 2024
Improper verification of cryptographic signature during installation of a VPN driver via the... High Unreviewed
CVE-2024-7479 was published Sep 25, 2024
Improper verification of cryptographic signature during installation of a Printer driver via the... High Unreviewed
CVE-2024-7481 was published Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database