GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,587
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,170
npm 3,704
NuGet 661
pip 3,332
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,190

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

62 advisories

Filter by severity

Sort by

Least recently updated

The D-Link DIR-615 device before v20.12PTb04 doesn't use SSL for any of the authenticated pages.... Critical Unreviewed

CVE-2017-7406 was published May 24, 2022

The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate... Critical Unreviewed

CVE-2021-33907 was published May 24, 2022

Potentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted... Critical Unreviewed

CVE-2021-33695 was published May 24, 2022

Due to Manage Engine Asset Explorer Agent 1.0.34 not validating HTTPS certificates, an attacker... Critical Unreviewed

CVE-2021-20110 was published May 24, 2022

While processing server certificate from IPSec server, certificate validation for subject... Critical Unreviewed

CVE-2020-11176 was published May 24, 2022

Incorrect SSL certificate validation in Nagios Fusion 4.1.8 and earlier allows for Escalation of... Critical Unreviewed

CVE-2020-28907 was published May 24, 2022

The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server... Critical Unreviewed

CVE-2021-3460 was published May 24, 2022

DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not cease processing for... Critical Unreviewed

CVE-2021-3336 was published May 24, 2022

Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM)... Critical Unreviewed

CVE-2020-27649 was published May 24, 2022

Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager ... Critical Unreviewed

CVE-2020-27648 was published May 24, 2022

A certificate validation issue existed when processing administrator added certificates. This... Critical Unreviewed

CVE-2020-9868 was published May 24, 2022

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c... Critical Unreviewed

CVE-2020-7043 was published May 24, 2022

European Commission eIDAS-Node Integration Package before 2.3.1 has Missing Certificate... Critical Unreviewed

CVE-2019-18633 was published May 24, 2022

European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because... Critical Unreviewed

CVE-2019-18632 was published May 24, 2022

systemd 239 through 243 accepts any certificate signed by a trusted certificate authority for DNS... Critical Unreviewed

CVE-2018-21029 was published May 24, 2022

The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via... Critical Unreviewed

CVE-2015-2320 was published May 24, 2022

The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation. Critical Unreviewed

CVE-2017-17945 was published May 24, 2022

The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation. Critical Unreviewed

CVE-2017-17944 was published May 24, 2022

botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might... Critical Unreviewed

CVE-2015-7826 was published May 17, 2022

libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote... Critical Unreviewed

CVE-2015-3886 was published May 17, 2022

Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept... Critical Unreviewed

CVE-2018-9127 was published May 14, 2022

Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable... Critical Unreviewed

CVE-2018-4991 was published May 14, 2022

Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation... Critical Unreviewed

CVE-2018-12829 was published May 14, 2022

Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to... Critical Unreviewed

CVE-2016-1000030 was published May 14, 2022

On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL... Critical Unreviewed

CVE-2019-6592 was published May 14, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

62 advisories