GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,470

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

478 advisories

Filter by severity

Sort by

Least recently updated

An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories... Moderate Unreviewed

CVE-2023-31151 was published May 10, 2023

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty... Moderate Unreviewed

CVE-2022-39161 was published May 3, 2023

GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server,... Moderate Unreviewed

CVE-2023-31485 was published Apr 29, 2023

An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2... Moderate Unreviewed

CVE-2022-48437 was published Apr 12, 2023

jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509... Moderate Unreviewed

CVE-2021-3285 was published May 24, 2022

GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP... Moderate Unreviewed

CVE-2020-24661 was published May 24, 2022

The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification. Moderate Unreviewed

CVE-2020-13616 was published May 24, 2022

A missing secure communication definition and an incomplete TLS validation in the upgrade service... Moderate Unreviewed

CVE-2019-19101 was published May 24, 2022

In MailStore Outlook Add-in (and Email Archive Outlook Add-in) through 12.1.2, the login process... Moderate Unreviewed

CVE-2020-11806 was published May 24, 2022

The Audible application through 2.34.0 for Android has Missing SSL Certificate Validation,... Moderate Unreviewed

CVE-2019-11554 was published May 24, 2022

Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all... Moderate Unreviewed

CVE-2019-11674 was published May 24, 2022

It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client... Moderate Unreviewed

CVE-2019-3814 was published May 24, 2022

Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain... Moderate Unreviewed

CVE-2019-5506 was published May 24, 2022

Limesurvey before 3.17.14 does not enforce SSL/TLS usage in the default configuration. Moderate Unreviewed

CVE-2019-16179 was published May 24, 2022

A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an unauthenticated, remote... Moderate Unreviewed

CVE-2019-1948 was published May 24, 2022

The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has a TLS certificate... Moderate Unreviewed

CVE-2019-5280 was published May 24, 2022

In cPanel before 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209). Moderate Unreviewed

CVE-2017-18479 was published May 24, 2022

A vulnerability exists where it possible to force Network Security Services (NSS) to sign... Moderate Unreviewed

CVE-2019-11727 was published May 24, 2022

A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network... Moderate Unreviewed

CVE-2019-1940 was published May 24, 2022

Mailvelope prior to 3.3.0 accepts or operates with invalid PGP public keys: Mailvelope allows... Moderate Unreviewed

CVE-2019-9148 was published May 24, 2022

Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper... Moderate Unreviewed

CVE-2019-11550 was published May 24, 2022

Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead... Moderate Unreviewed

CVE-2012-1316 was published Apr 23, 2022

Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of... Moderate Unreviewed

CVE-2011-2669 was published Apr 22, 2022

dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to... Moderate Unreviewed

CVE-2011-2207 was published Apr 22, 2022

** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x before 3.1-2020.07.06.14.28... Moderate Unreviewed

CVE-2020-16163 was published May 24, 2022

Previous 1 2 3 4 5 … 19 20 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

478 advisories