GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
487 advisories
Keycloak vulnerable to Improper Certificate Validation
Moderate | CVE-2020-35509 was published for org.keycloak:keycloak-core (Maven) Aug 24, 2022

'Hulu / フールー' App for iOS versions prior to 3.0.81 improperly verifies server certificates, which...
Moderate | Unreviewed | CVE-2022-34156 was published Aug 17, 2022

Jenkins Git client plugin 3.11.0 does not perform SSH host key verification
Moderate | CVE-2022-36881 was published for org.jenkins-ci.plugins:git-client (Maven) Jul 28, 2022

An improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0...
Moderate | Unreviewed | CVE-2021-22131 was published Jul 19, 2022

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway...
Moderate | Unreviewed | CVE-2022-20813 was published Jul 7, 2022

'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server...
Moderate | Unreviewed | CVE-2022-29482 was published Jun 15, 2022

An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses...
Moderate | Unreviewed | CVE-2022-26491 was published Jun 3, 2022

Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0...
Moderate | Unreviewed | CVE-2022-29082 was published May 27, 2022

A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5,...
Moderate | Unreviewed | CVE-2022-26766 was published May 27, 2022

Pion/DTLS Accepts Client Certificates Without CertificateVerify
Moderate | CVE-2022-29222 was published for github.com/pion/dtls (Go) May 25, 2022

An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0...
Moderate | Unreviewed | CVE-2022-22306 was published May 25, 2022

Improper Certificate Validation in MongoDB
Moderate | CVE-2021-20328 was published for org.mongodb:mongo-java-driver (Maven) May 24, 2022

Summary - The certificate used to identify Orchestrator to EdgeConnect devices is not validated...
Moderate | Unreviewed | CVE-2020-12143 was published May 24, 2022

Details The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is...
Moderate | Unreviewed | CVE-2020-12144 was published May 24, 2022

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax...
Moderate | Unreviewed | CVE-2020-5367 was published May 24, 2022

Puppet Enterprise 3.7.x and 3.8.0 might allow remote authenticated users to manage certificates...
Moderate | Unreviewed | CVE-2015-4100 was published May 24, 2022

kevinsawicki/http-request Missing certificate validation
Moderate | CVE-2019-1010206 was published for com.github.kevinsawicki:http-request (Maven) May 24, 2022

IBM QRadar SIEM 7.2.8 WinCollect could allow an attacker to obtain sensitive information by...
Moderate | Unreviewed | CVE-2019-4264 was published May 24, 2022

CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass...
Moderate | Unreviewed | CVE-2018-20200 was published May 24, 2022

Improper certificate validation vulnerability in SMTP Client allows man-in-the-middle attack to...
Moderate | Unreviewed | CVE-2021-23167 was published May 24, 2022

Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV...
Moderate | Unreviewed | CVE-2021-26320 was published May 24, 2022

An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS...
Moderate | Unreviewed | CVE-2021-41019 was published May 24, 2022

A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted...
Moderate | Unreviewed | CVE-2021-22278 was published May 24, 2022

CFEngine Enterprise 3.15.0 through 3.15.4 has Missing SSL Certificate Validation.
Moderate | Unreviewed | CVE-2021-36756 was published May 24, 2022

Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by an improper certificate...
Moderate | Unreviewed | CVE-2021-40713 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.