Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

77 advisories

Loading
The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for... Critical Unreviewed
CVE-2021-45490 was published Mar 29, 2022
An issue was discovered in Keyfactor PrimeKey EJBCA before 7.9.0, related to possible... Critical Unreviewed
CVE-2022-34831 was published Sep 15, 2022
Due to Manage Engine Asset Explorer Agent 1.0.34 not validating HTTPS certificates, an attacker... Critical Unreviewed
CVE-2021-20110 was published May 24, 2022
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line... Critical Unreviewed
CVE-2022-32156 was published Jun 16, 2022
The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not... Critical Unreviewed
CVE-2022-32151 was published Jun 16, 2022
libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote... Critical Unreviewed
CVE-2015-3886 was published May 17, 2022
A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL:... Critical Unreviewed
CVE-2014-8164 was published Jul 7, 2022
botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might... Critical Unreviewed
CVE-2015-7826 was published May 17, 2022
A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL... Critical Unreviewed
CVE-2017-2800 was published May 13, 2022
Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM)... Critical Unreviewed
CVE-2020-27649 was published May 24, 2022
Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager ... Critical Unreviewed
CVE-2020-27648 was published May 24, 2022
The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server... Critical Unreviewed
CVE-2021-3460 was published May 24, 2022
DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not cease processing for... Critical Unreviewed
CVE-2021-3336 was published May 24, 2022
While processing server certificate from IPSec server, certificate validation for subject... Critical Unreviewed
CVE-2020-11176 was published May 24, 2022
Incorrect SSL certificate validation in Nagios Fusion 4.1.8 and earlier allows for Escalation of... Critical Unreviewed
CVE-2020-28907 was published May 24, 2022
In BIG-IP Versions 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x,... Critical Unreviewed
CVE-2022-34865 was published Aug 5, 2022
Potentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted... Critical Unreviewed
CVE-2021-33695 was published May 24, 2022
The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate... Critical Unreviewed
CVE-2021-33907 was published May 24, 2022
The D-Link DIR-615 device before v20.12PTb04 doesn't use SSL for any of the authenticated pages.... Critical Unreviewed
CVE-2017-7406 was published May 24, 2022
When using Ingest Actions to configure a destination that resides on Amazon Simple Storage... Critical Unreviewed
CVE-2022-37437 was published Aug 17, 2022
fs2-io skips mTLS client verification Critical
CVE-2022-31183 was published for co.fs2:fs2-io (Maven) Jul 29, 2022
Previously, Puppet Discovery was shipped with a default generated TLS certificate in the nginx... Critical Unreviewed
CVE-2018-11747 was published May 13, 2022
A certificate validation issue existed in the handling of WKWebView. This issue was addressed... Critical Unreviewed
CVE-2022-42813 was published Nov 2, 2022
A vulnerability in the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to... Critical Unreviewed
CVE-2018-15387 was published May 13, 2022
A potential vulnerability has been identified in HP Remote Graphics Software’s certificate... Critical Unreviewed
CVE-2018-5926 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database