GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
62 advisories
Filter by severity
An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP...
Critical
Unreviewed
CVE-2019-20461
was published
Nov 7, 2024
An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables...
Critical
Unreviewed
CVE-2024-45159
was published
Sep 5, 2024
There is a vulnerability in the AP Certificate Management Service which could allow a threat...
Critical
Unreviewed
CVE-2024-42395
was published
Aug 6, 2024
In gnss service, there is a possible escalation of privilege due to improper certificate...
Critical
Unreviewed
CVE-2024-20080
was published
Jul 1, 2024
A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under...
Critical
Unreviewed
CVE-2024-25140
was published
Feb 6, 2024
SSL connections to NOVELL and Synology LDAP server are vulnerable to a man-in-the-middle attack...
Critical
Unreviewed
CVE-2023-50356
was published
Jan 31, 2024
An issue in Turing Video Turing Edge+ EVC5FD v.1.38.6 allows remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2023-42425
was published
Oct 31, 2023
The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for...
Critical
Unreviewed
CVE-2023-5422
was published
Oct 16, 2023
Lack of TLS certificate verification in log transmission of a financial module within LINE Client...
Critical
Unreviewed
CVE-2023-5554
was published
Oct 12, 2023
In JetBrains Ktor before 2.3.5 server certificates were not verified
Critical
Unreviewed
CVE-2023-45613
was published
Oct 9, 2023
A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed...
Critical
Unreviewed
CVE-2023-40256
was published
Aug 11, 2023
Nanoleaf firmware v7.1.1 and below is missing an SSL certificate, allowing attackers to execute...
Critical
Unreviewed
CVE-2022-47758
was published
Apr 27, 2023
x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows...
Critical
Unreviewed
CVE-2021-46880
was published
Apr 15, 2023
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable...
Critical
Unreviewed
CVE-2023-26463
was published
Apr 15, 2023
ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation.
Critical
Unreviewed
CVE-2022-45597
was published
Mar 25, 2023
Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up...
Critical
Unreviewed
CVE-2022-31733
was published
Feb 3, 2023
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation...
Critical
Unreviewed
CVE-2022-45100
was published
Feb 1, 2023
A certificate validation issue existed in the handling of WKWebView. This issue was addressed...
Critical
Unreviewed
CVE-2022-42813
was published
Nov 2, 2022
An issue was discovered in Keyfactor PrimeKey EJBCA before 7.9.0, related to possible...
Critical
Unreviewed
CVE-2022-34831
was published
Sep 15, 2022
When using Ingest Actions to configure a destination that resides on Amazon Simple Storage...
Critical
Unreviewed
CVE-2022-37437
was published
Aug 17, 2022
In BIG-IP Versions 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x,...
Critical
Unreviewed
CVE-2022-34865
was published
Aug 5, 2022
An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a...
Critical
Unreviewed
CVE-2022-26305
was published
Jul 26, 2022
A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL:...
Critical
Unreviewed
CVE-2014-8164
was published
Jul 7, 2022
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line...
Critical
Unreviewed
CVE-2022-32156
was published
Jun 16, 2022
The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not...
Critical
Unreviewed
CVE-2022-32151
was published
Jun 16, 2022
ProTip!
Advisories are also available from the
GraphQL API