GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
352 advisories
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow...
High, Unreviewed. CVE-2018-0434 was published May 13, 2022

IBM Security Guardium EcoSystem 10.5 does not validate, or incorrectly validates, a certificate...
High, Unreviewed. CVE-2018-1509 was published May 13, 2022

In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session...
High, Unreviewed. CVE-2017-7468 was published May 13, 2022

A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS)...
High, Unreviewed. CVE-2018-0277 was published May 13, 2022

Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature...
High, Unreviewed. CVE-2018-15784 was published May 13, 2022

Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.
High, Unreviewed. CVE-2018-12461 was published May 13, 2022

Flash Seats Mobile App for Android version 1.7.9 and earlier and for iOS version 1.9.51 and...
High, Unreviewed. CVE-2017-3190 was published May 13, 2022

IBM QRadar SIEM 7.2.8 and 7.3 does not validate, or incorrectly validates, a certificate. This...
High, Unreviewed. CVE-2017-1622 was published May 13, 2022

Juniper Networks Junos OS on SRX series devices do not verify the HTTPS server certificate before...
High, Unreviewed. CVE-2017-10620 was published May 13, 2022

On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly...
High, Unreviewed. CVE-2016-6562 was published May 13, 2022

An issue was discovered in heinekingmedia StashCat before 1.5.18 for Android. No certificate...
High, Unreviewed. CVE-2017-11132 was published May 13, 2022

When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it...
High, Unreviewed. CVE-2017-15114 was published May 13, 2022

Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to...
High, Unreviewed. CVE-2017-2299 was published May 13, 2022

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core)...
High, Unreviewed. CVE-2017-3563 was published May 13, 2022

A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an...
High, Unreviewed. CVE-2017-6664 was published May 13, 2022

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers...
High, Unreviewed. CVE-2021-3618 was published Mar 24, 2022

An issue was discovered in F-Secure XFENCE and Little Flocker. A maliciously crafted Universal...
High, Unreviewed. CVE-2018-10403 was published May 13, 2022

An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal...
High, Unreviewed. CVE-2018-10405 was published May 13, 2022

An issue was discovered in Objective-See KnockKnock, LuLu, TaskExplorer, WhatsYourSign, and...
High, Unreviewed. CVE-2018-10404 was published May 13, 2022

An issue was discovered in VirusTotal. A maliciously crafted Universal/fat binary can evade third...
High, Unreviewed. CVE-2018-10408 was published May 13, 2022

Improper certificate validation in Platform Sample/ Silicon Reference firmware for 8th Generation...
High, Unreviewed. CVE-2018-12205 was published May 13, 2022

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of...
High, Unreviewed. CVE-2018-16875 was published May 14, 2022

Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) certificates into the Trusted...
High, Unreviewed. CVE-2018-17612 was published May 14, 2022

A certificate validation issue existed in configuration profiles. This was addressed with...
High, Unreviewed. CVE-2018-4436 was published May 14, 2022

The LINE MUSIC for Android version 3.1.0 to versions prior to 3.6.5 does not verify X.509...
High, Unreviewed. CVE-2018-0650 was published May 14, 2022