GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,475

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

390 advisories

Filter by severity

Sort by

Least recently updated

OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows... Moderate Unreviewed

CVE-2022-3761 was published Oct 17, 2023

IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity... Moderate Unreviewed

CVE-2022-22380 was published Oct 17, 2023

IBM Security Verify Privilege On-Premises 11.5 does not validate, or incorrectly validates, a... Moderate Unreviewed

CVE-2022-43892 was published Oct 17, 2023

A certificate validation issue was addressed. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS... Moderate Unreviewed

CVE-2023-41991 was published Sep 21, 2023

MiniTool Power Data Recovery 11.5 contains an insecure in-app payment system that allows... Moderate Unreviewed

CVE-2023-38353 was published Sep 19, 2023

Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying... Moderate Unreviewed

CVE-2023-35845 was published Sep 11, 2023

Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14... Moderate Unreviewed

CVE-2023-41180 was published Sep 3, 2023

An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6... Moderate Unreviewed

CVE-2022-22305 was published Sep 1, 2023

An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows... Moderate Unreviewed

CVE-2023-24461 was published Jul 6, 2023

Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku... Moderate Unreviewed

CVE-2023-29501 was published Jun 13, 2023

An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all... Moderate Unreviewed

CVE-2023-29175 was published Jun 13, 2023

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6... Moderate Unreviewed

CVE-2023-34410 was published Jun 5, 2023

Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed... Moderate Unreviewed

CVE-2023-0430 was published Jun 2, 2023

OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted... Moderate Unreviewed

CVE-2023-0547 was published Jun 2, 2023

Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability... Moderate Unreviewed

CVE-2023-24568 was published May 30, 2023

An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports... Moderate Unreviewed

CVE-2023-28321 was published May 26, 2023

Sensitive information disclosure and manipulation due to improper certification validation. The... Moderate Unreviewed

CVE-2022-45458 was published May 18, 2023

Sensitive information disclosure and manipulation due to improper certification validation. The... Moderate Unreviewed

CVE-2022-45457 was published May 18, 2023

An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories... Moderate Unreviewed

CVE-2023-31151 was published May 10, 2023

Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01... Moderate Unreviewed

CVE-2023-23901 was published May 10, 2023

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty... Moderate Unreviewed

CVE-2022-39161 was published May 3, 2023

GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server,... Moderate Unreviewed

CVE-2023-31485 was published Apr 29, 2023

An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2... Moderate Unreviewed

CVE-2022-48437 was published Apr 12, 2023

A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All... Moderate Unreviewed

CVE-2023-23588 was published Apr 11, 2023

Applications that use a non-default option when verifying certificates may be vulnerable to an... Moderate Unreviewed

CVE-2023-0465 was published Mar 28, 2023

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

390 advisories