GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
390 advisories
Filter by severity
OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows...
Moderate
Unreviewed
CVE-2022-3761
was published
Oct 17, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity...
Moderate
Unreviewed
CVE-2022-22380
was published
Oct 17, 2023
IBM Security Verify Privilege On-Premises 11.5 does not validate, or incorrectly validates, a...
Moderate
Unreviewed
CVE-2022-43892
was published
Oct 17, 2023
A certificate validation issue was addressed. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS...
Moderate
Unreviewed
CVE-2023-41991
was published
Sep 21, 2023
MiniTool Power Data Recovery 11.5 contains an insecure in-app payment system that allows...
Moderate
Unreviewed
CVE-2023-38353
was published
Sep 19, 2023
Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying...
Moderate
Unreviewed
CVE-2023-35845
was published
Sep 11, 2023
Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14...
Moderate
Unreviewed
CVE-2023-41180
was published
Sep 3, 2023
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6...
Moderate
Unreviewed
CVE-2022-22305
was published
Sep 1, 2023
An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows...
Moderate
Unreviewed
CVE-2023-24461
was published
Jul 6, 2023
Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku...
Moderate
Unreviewed
CVE-2023-29501
was published
Jun 13, 2023
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all...
Moderate
Unreviewed
CVE-2023-29175
was published
Jun 13, 2023
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6...
Moderate
Unreviewed
CVE-2023-34410
was published
Jun 5, 2023
Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed...
Moderate
Unreviewed
CVE-2023-0430
was published
Jun 2, 2023
OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted...
Moderate
Unreviewed
CVE-2023-0547
was published
Jun 2, 2023
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability...
Moderate
Unreviewed
CVE-2023-24568
was published
May 30, 2023
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports...
Moderate
Unreviewed
CVE-2023-28321
was published
May 26, 2023
Sensitive information disclosure and manipulation due to improper certification validation. The...
Moderate
Unreviewed
CVE-2022-45458
was published
May 18, 2023
Sensitive information disclosure and manipulation due to improper certification validation. The...
Moderate
Unreviewed
CVE-2022-45457
was published
May 18, 2023
An Improper Certificate Validation vulnerability
in the Schweitzer Engineering Laboratories...
Moderate
Unreviewed
CVE-2023-31151
was published
May 10, 2023
Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01...
Moderate
Unreviewed
CVE-2023-23901
was published
May 10, 2023
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty...
Moderate
Unreviewed
CVE-2022-39161
was published
May 3, 2023
GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server,...
Moderate
Unreviewed
CVE-2023-31485
was published
Apr 29, 2023
An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2...
Moderate
Unreviewed
CVE-2022-48437
was published
Apr 12, 2023
A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All...
Moderate
Unreviewed
CVE-2023-23588
was published
Apr 11, 2023
Applications that use a non-default option when verifying certificates may be vulnerable to an...
Moderate
Unreviewed
CVE-2023-0465
was published
Mar 28, 2023
ProTip!
Advisories are also available from the
GraphQL API