GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
283 advisories
Filter by severity
Windows Certificate Spoofing Vulnerability.
High
Unreviewed
CVE-2022-21836
was published
Jan 12, 2022
qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors.
High
Unreviewed
CVE-2024-51774
was published
Nov 2, 2024
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality...
High
Unreviewed
CVE-2023-6055
was published
Oct 18, 2024
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality...
High
Unreviewed
CVE-2023-49570
was published
Oct 18, 2024
A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The...
High
Unreviewed
CVE-2023-6058
was published
Oct 18, 2024
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality...
High
Unreviewed
CVE-2023-6056
was published
Oct 18, 2024
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning...
High
Unreviewed
CVE-2023-49567
was published
Oct 18, 2024
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality...
High
Unreviewed
CVE-2023-6057
was published
Oct 18, 2024
Windows Secure Channel Spoofing Vulnerability
High
Unreviewed
CVE-2024-43550
was published
Oct 8, 2024
SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS...
High
Unreviewed
CVE-2024-7206
was published
Oct 8, 2024
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper...
High
Unreviewed
CVE-2023-31190
was published
Jul 11, 2023
The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024...
High
Unreviewed
CVE-2024-43201
was published
Sep 23, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to...
High
Unreviewed
CVE-2024-31872
was published
Apr 10, 2024
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS...
High
Unreviewed
CVE-2024-8287
was published
Sep 18, 2024
An improper certificate validation vulnerability in TLS certificate validation allows an attacker...
High
Unreviewed
CVE-2024-40714
was published
Sep 7, 2024
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an...
High
Unreviewed
CVE-2024-41996
was published
Aug 26, 2024
A flaw was found in the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an...
High
Unreviewed
CVE-2024-8007
was published
Aug 21, 2024
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on...
High
Unreviewed
CVE-2022-32509
was published
May 14, 2024
Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and...
High
Unreviewed
CVE-2024-7570
was published
Aug 13, 2024
Certificate Validation user interface in LibreOffice allows potential vulnerability.
Signed...
High
Unreviewed
CVE-2024-6472
was published
Aug 5, 2024
In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted...
High
Unreviewed
CVE-2023-40104
was published
Feb 16, 2024
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the...
High
Unreviewed
CVE-2020-12614
was published
Dec 12, 2023
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers...
High
Unreviewed
CVE-2022-20703
was published
Feb 11, 2022
The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the...
High
Unreviewed
CVE-2024-28872
was published
Jul 11, 2024
An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3...
High
Unreviewed
CVE-2023-50178
was published
Jul 9, 2024
ProTip!
Advisories are also available from the
GraphQL API