GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
410 advisories
Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not...
Moderate, Unreviewed. CVE-2016-1184 was published May 13, 2022.

The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates from SSL servers, which...
Moderate, Unreviewed. CVE-2017-8943 was published May 13, 2022.

The Thycotic Password Manager Secret Server application through 2.3 for iOS does not verify X.509...
Moderate, Unreviewed. CVE-2015-4094 was published May 13, 2022.

The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC...
Moderate, Unreviewed. CVE-2012-3037 was published May 13, 2022.

Trillian 5.1.0.19 does not verify that the server hostname matches a domain name in the subject's...
Moderate, Unreviewed. CVE-2012-5824 was published May 13, 2022.

An exploitable information disclosure vulnerability exists in the crash handler of the hubCore...
Moderate, Unreviewed. CVE-2018-3927 was published May 13, 2022.

An exploitable denial of service vulnerability exists within the reading of proprietary server...
Moderate, Unreviewed. CVE-2017-2836 was published May 13, 2022.

An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL...
Moderate, Unreviewed. CVE-2017-2913 was published May 13, 2022.

Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of...
Moderate, Unreviewed. CVE-2021-27768 was published May 13, 2022.

Cerulean Studios Trillian 3.1 Basic does not check SSL certificates during MSN authentication,...
Moderate, Unreviewed. CVE-2009-4831 was published May 2, 2022.

libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is...
Moderate, Unreviewed. CVE-2009-3767 was published May 2, 2022.

Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes...
Moderate, Unreviewed. CVE-2009-3046 was published May 2, 2022.

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before...
Moderate, Unreviewed. CVE-2009-2408 was published May 2, 2022.

The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates...
Moderate, Unreviewed. CVE-2005-3170 was published May 1, 2022.

Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead...
Moderate, Unreviewed. CVE-2012-1316 was published Apr 23, 2022.

Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08...
Moderate, Unreviewed. CVE-2021-3898 was published Apr 23, 2022.

Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of...
Moderate, Unreviewed. CVE-2011-2669 was published Apr 22, 2022.

dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to...
Moderate, Unreviewed. CVE-2011-2207 was published Apr 22, 2022.

A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates...
Moderate, Unreviewed. CVE-2007-5967 was published Apr 21, 2022.

In ccu, there is a possible escalation of privilege due to a missing certificate validation. This...
Moderate, Unreviewed. CVE-2022-20071 was published Apr 12, 2022.

In A-GPS, there is a possible man in the middle attack due to improper certificate validation....
Moderate, Unreviewed. CVE-2022-20081 was published Apr 12, 2022.

WeeChat (aka Wee Enhanced Environment for Chat) 3.2 to 3.4 before 3.4.1 does not properly verify...
Moderate, Unreviewed. CVE-2022-28352 was published Apr 3, 2022.

An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3...
Moderate, Unreviewed. CVE-2022-0123 was published Mar 29, 2022.

Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9...
Moderate, Unreviewed. CVE-2022-21170 was published Mar 11, 2022.

"Vault and Vault Enterprise 1.8.0 through 1.8.8, and 1.9.3 allowed the PKI secrets engine under...
Moderate, Unreviewed. CVE-2022-25243 was published Mar 11, 2022.
ProTip! Advisories are also available from the GraphQL API.