GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
368 advisories
A vulnerability has been identified in SINUMERIK Analyse MyCondition (All versions), SINUMERIK...
High, Unreviewed. CVE-2021-31892 was published May 24, 2022.

Improper Certificate Validation in Apache Qpid Proton
High. CVE-2019-0223 was published for org.apache.qpid:proton-j (Maven) May 24, 2022.

Improper Certificate Validation in Jenkins Spira Importer Plugin
High. CVE-2019-16558 was published for com.inflectra.spiratest.plugins:inflectra-spira-integration (Maven) May 24, 2022.

Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an...
High, Unreviewed. CVE-2020-12681 was published May 24, 2022.

Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate...
High, Unreviewed. CVE-2021-35193 was published May 24, 2022.

Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5...
High, Unreviewed. CVE-2021-32581 was published May 24, 2022.

The mechanism which performs certificate validation was discovered to have a flaw that resulted...
High, Unreviewed. CVE-2021-27018 was published May 24, 2022.

OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the...
High, Unreviewed. CVE-2021-3547 was published May 24, 2022.

IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to...
High, Unreviewed. CVE-2021-38864 was published May 24, 2022.

The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO...
High, Unreviewed. CVE-2021-35497 was published May 24, 2022.

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting...
High, Unreviewed. CVE-2021-25633 was published May 24, 2022.

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting...
High, Unreviewed. CVE-2021-25634 was published May 24, 2022.

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate...
High, Unreviewed. CVE-2021-20833 was published May 24, 2022.

Hashicorp Consul Missing SSL Certificate Validation
High. CVE-2021-32574 was published for github.com/hashicorp/consul (Go) Jul 19, 2021.

IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7 ) component has...
High, Unreviewed. CVE-2021-29737 was published May 24, 2022.

Improper validation of the cloud certificate chain in Mobile Connect allows man-in-the-middle...
High, Unreviewed. CVE-2021-23162 was published May 24, 2022.

Jenkins Cadence vManager Plugin disables SSL/TLS and hostname verification
High. CVE-2019-10446 was published for org.jenkins-ci.plugins:vmanager-plugin (Maven) May 24, 2022.

X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01...
High, Unreviewed. CVE-2003-1229 was published Apr 29, 2022.

** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14...
High, Unreviewed. CVE-2020-16164 was published May 24, 2022.

Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter
High. CVE-2022-24901 was published for parse-server (npm) May 4, 2022.

An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code...
High, Unreviewed. CVE-2017-2784 was published May 13, 2022.

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
High, Unreviewed. CVE-2018-7234 was published May 13, 2022.

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE...
High, Unreviewed. CVE-2015-0534 was published May 13, 2022.

EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing...
High, Unreviewed. CVE-2017-4981 was published May 13, 2022.

Improper Validation of Certificate with Host Mismatch in Java-WebSocket
High. CVE-2020-11050 was published for org.java-websocket:Java-WebSocket (Maven) May 8, 2020.