Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

957 advisories

Loading
Improper Certificate Validation in TweetStream Moderate
CVE-2020-24393 was published for tweetstream (RubyGems) Apr 13, 2021
Improper Certificate Validation in Puppet Moderate
CVE-2020-7942 was published for puppet (RubyGems) Apr 13, 2021
mongodb-client-encryption vulnerable to Improper Certificate Validation Moderate
CVE-2021-20327 was published for mongodb-client-encryption (npm) Apr 12, 2021
Improper Certificate Validation in phpseclib High
CVE-2021-30130 was published for phpseclib/phpseclib (Composer) Apr 7, 2021
Improper Certificate Validation in twitter-stream Moderate
CVE-2020-24392 was published for twitter-stream (RubyGems) Mar 29, 2021
Insecure Defaults Leads to Potential MITM in ezseed-transmission Moderate
CVE-2016-1000224 was published for ezseed-transmission (npm) Sep 1, 2020
Missing TLS certificate verification in faye-websocket High
CVE-2020-15133 was published for faye-websocket (RubyGems) Jul 31, 2020
Missing TLS certificate verification High
CVE-2020-15134 was published for faye (RubyGems) Jul 31, 2020
Data leakage via cache key collision in Django Moderate
CVE-2020-13254 was published for Django (pip) Jun 5, 2020
tdunlap607
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender Low
CVE-2020-9488 was published for org.apache.logging.log4j:log4j (Maven) Jun 5, 2020
DmitriyLewen
Improper Validation of Certificate with Host Mismatch in Java-WebSocket High
CVE-2020-11050 was published for org.java-websocket:Java-WebSocket (Maven) May 8, 2020
p-
Improper Certificate Validation in Apache Beam High
CVE-2020-1929 was published for org.apache.beam:beam-sdks-java-io-mongodb (Maven) May 6, 2020
Python Twisted trustRoot is not respected in HTTP client High
CVE-2014-7143 was published for twisted (pip) Dec 17, 2019
Improper Certificate Validation in Twisted High
CVE-2019-12855 was published for twisted (pip) Aug 16, 2019
Improper Certificate Validation and Insufficient Verification of Data Authenticity in Keycloak Moderate
CVE-2019-3875 was published for org.keycloak:keycloak-core (Maven) Jun 27, 2019
Improper Certificate Validation in urllib3 High
CVE-2019-11324 was published for urllib3 (pip) Apr 19, 2019
tdunlap607
splunk-sdk does not properly verify untrusted TLS server certificates Critical
CVE-2019-5729 was published for splunk-sdk (pip) Mar 25, 2019
Improper Certificate Validation in chloride High
CVE-2018-6517 was published for chloride (RubyGems) Mar 25, 2019
SSL Validation Defaults to False in electron-packager Low
CVE-2016-10534 was published for electron-packager (npm) Feb 18, 2019
Improper Certificate Validation in Apache Airflow High
CVE-2018-20245 was published for apache-airflow (pip) Jan 25, 2019
sunSUNQ
Improper Input Validation in Apache Thrift High
CVE-2018-1320 was published for org.apache.thrift:libthrift (Maven) Jan 17, 2019
szymon-miezal MarkLee131
Improper Certificate Validation in proton-j High
CVE-2018-17187 was published for org.apache.qpid:proton-j (Maven) Nov 21, 2018
MarkLee131
Improper Certificate Validation in Apache activemq-client High
CVE-2018-11775 was published for org.apache.activemq:activemq-client (Maven) Oct 19, 2018
sunSUNQ
ProTip! Advisories are also available from the GraphQL API