Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

957 advisories

Loading
Improper Validation of Certificate with Host Mismatch in mellium.im/xmpp/websocket Moderate
CVE-2022-24968 was published for mellium.im/xmpp (Go) Feb 16, 2022
moparisthebest
Skip the router TLS configuration when the host header is an FQDN High
CVE-2022-23632 was published for github.com/traefik/traefik/v2 (Go) Feb 16, 2022
bawolff
Authentication bypass by capture-replay in github.com/cosmos/ethermint High
CVE-2021-25835 was published for github.com/cosmos/ethermint (Go) Feb 15, 2022
Duplicate Advisory: TLS certificate validation error in mellium.im/xmpp Moderate
GHSA-m658-p24x-p74r was published for mellium.im/xmpp (Go) Feb 12, 2022 withdrawn
In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate... Moderate Unreviewed
CVE-2022-20034 was published Feb 11, 2022
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in... Moderate Unreviewed
CVE-2022-24320 was published Feb 11, 2022
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in... Moderate Unreviewed
CVE-2022-24319 was published Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... High Unreviewed
CVE-2022-20703 was published Feb 11, 2022
Improper Certificate Validation in Graylog High
CVE-2020-15813 was published for org.graylog:graylog-parent (Maven) Feb 10, 2022
Apache Geode SSL endpoint verification vulnerability High
CVE-2019-10091 was published for org.apache.geode:geode-core (Maven) Feb 10, 2022
A misconfiguration exists in the MQTTS functionality of Sealevel Systems, Inc. SeaConnect 370W v1... High Unreviewed
CVE-2021-21959 was published Feb 10, 2022
Improper Certificate Validation in node-sass Moderate
CVE-2020-24025 was published for node-sass (npm) Feb 9, 2022
tdunlap607
Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Keycloak Moderate
CVE-2020-1758 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker... High Unreviewed
CVE-2022-22156 was published Jan 20, 2022
Windows Certificate Spoofing Vulnerability. High Unreviewed
CVE-2022-21836 was published Jan 12, 2022
Improper Certificate Validation in Apache IoTDB High
CVE-2020-1952 was published for org.apache.iotdb:iotdb-parent (Maven) Jan 6, 2022
e2guardian v5.4.x <= v5.4.3r is affected by missing SSL certificate validation in the SSL MITM... High Unreviewed
CVE-2021-44273 was published Dec 24, 2021
Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Apache Sling Commons Messaging Mail High
CVE-2021-44549 was published for org.apache.sling:org.apache.sling.commons.messaging.mail (Maven) Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-43882 was published Dec 16, 2021
A vulnerability has been identified in SINUMERIK Edge (All versions < V3.2). The affected... High Unreviewed
CVE-2021-42027 was published Dec 15, 2021
The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connection to an IBM Spectrum... Moderate Unreviewed
CVE-2020-4496 was published Dec 14, 2021
Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in update_applet.php, which could... Moderate Unreviewed
CVE-2021-31747 was published Dec 11, 2021
Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in... High Unreviewed
CVE-2021-34599 was published Dec 2, 2021
Improper certificate management in AWS IoT Device SDK v2 Moderate
CVE-2021-40830 was published for aws-iot-device-sdk-v2 (Maven) Nov 24, 2021
Improper certificate management in AWS IoT Device SDK v2 Moderate
CVE-2021-40829 was published for aws-iot-device-sdk-v2 (Maven) Nov 24, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database