GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
957 advisories
Filter by severity
Agent Dart is missing certificate verification checks
High
CVE-2024-48915
was published
for
agent_dart
(Pub)
Oct 15, 2024
Rancher agents can be hijacked by taking over the Rancher Server URL
High
CVE-2024-22030
was published
for
github.com/rancher/rancher
(Go)
Sep 26, 2024
Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper...
Moderate
Unreviewed
CVE-2024-47241
was published
Oct 18, 2024
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality...
High
Unreviewed
CVE-2023-6057
was published
Oct 18, 2024
The host name verification missing in Apache Tomcat
High
CVE-2018-8034
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Oct 17, 2018
Salt vulnerable to Improper Certificate Validation
High
CVE-2015-4017
was published
for
salt
(pip)
May 14, 2022
Restkit Does Not Validate TLS certificates
Moderate
CVE-2015-2674
was published
for
restkit
(pip)
May 17, 2022
SaltStack Salt Improper SSL Certificate Validation
High
CVE-2020-35662
was published
for
salt
(pip)
May 24, 2022
Scalyr Agent Missing SSL Certificate Validation
Critical
CVE-2020-24714
was published
for
scalyr-agent-2
(pip)
May 24, 2022
Scalyr Agent 2 Missing SSL Certificate Validation
Critical
CVE-2020-24715
was published
for
scalyr-agent-2
(pip)
May 24, 2022
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality...
High
Unreviewed
CVE-2023-6056
was published
Oct 18, 2024
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning...
High
Unreviewed
CVE-2023-49567
was published
Oct 18, 2024
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality...
High
Unreviewed
CVE-2023-49570
was published
Oct 18, 2024
A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The...
High
Unreviewed
CVE-2023-6058
was published
Oct 18, 2024
IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the...
Moderate
Unreviewed
CVE-2024-43177
was published
Oct 22, 2024
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality...
High
Unreviewed
CVE-2023-6055
was published
Oct 18, 2024
Slixmpp lacks SSL Certificate hostname validation in XMLStream
High
CVE-2022-45197
was published
for
slixmpp
(pip)
Dec 25, 2022
Python Swift client is vulnerable to Missing SSL Certificate Check
Critical
CVE-2013-6396
was published
for
python-swiftclient
(pip)
May 17, 2022
SaltStack Salt Improper Certificate Validation
High
CVE-2020-28972
was published
for
salt
(pip)
May 24, 2022
splunk-sdk does not properly verify untrusted TLS server certificates
Critical
CVE-2019-5729
was published
for
splunk-sdk
(pip)
Mar 25, 2019
An issue was discovered in Samsung eMMC with KLMAG2GE4A and KLM8G1WEMB firmware. Code bypass...
Moderate
Unreviewed
CVE-2024-31955
was published
Oct 15, 2024
This issue was addressed through improved state management. This issue is fixed in Safari 17.4,...
Moderate
Unreviewed
CVE-2024-23273
was published
Mar 8, 2024
A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to...
Moderate
Unreviewed
CVE-2024-28067
was published
Jul 9, 2024
HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable.
Moderate
Unreviewed
CVE-2024-30149
was published
Oct 31, 2024
qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors.
High
Unreviewed
CVE-2024-51774
was published
Nov 2, 2024
ProTip!
Advisories are also available from the
GraphQL API