GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
352 advisories
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13...
High | Unreviewed | CVE-2017-7080 was published May 14, 2022
An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to improperly...
High | Unreviewed | CVE-2019-7728 was published May 14, 2022
In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, or 11.6.0-11...
High | Unreviewed | CVE-2018-15326 was published May 14, 2022
An information-disclosure issue was discovered in Postman through 6.3.0. It validates a server's...
High | Unreviewed | CVE-2018-17215 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10...
High | Unreviewed | CVE-2016-7662 was published May 14, 2022
An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi...
High | Unreviewed | CVE-2018-15476 was published May 14, 2022
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of...
High | Unreviewed | CVE-2018-11712 was published May 14, 2022
FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of...
High | Unreviewed | CVE-2015-4680 was published May 14, 2022
OpenFire XMPP Server before 3.10 accepts self-signed certificates, which allows remote attackers...
High | Unreviewed | CVE-2014-3451 was published May 14, 2022
Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a...
High | Unreviewed | CVE-2018-1153 was published May 14, 2022
The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates...
High | Unreviewed | CVE-2018-0622 was published May 14, 2022
The Motorola MBP853 firmware does not correctly validate server certificates. This allows for a...
High | Unreviewed | CVE-2018-12499 was published May 14, 2022
The ANA App for iOS version 4.0.22 and earlier does not verify X.509 certificates from SSL...
High | Unreviewed | CVE-2018-0611 was published May 14, 2022
WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man...
High | Unreviewed | CVE-2013-7201 was published May 14, 2022
The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates...
High | Unreviewed | CVE-2018-0553 was published May 14, 2022
The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2...
High | Unreviewed | CVE-2018-8970 was published May 14, 2022
An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate...
High | Unreviewed | CVE-2018-10066 was published May 14, 2022
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to...
High | Unreviewed | CVE-2018-8059 was published May 14, 2022
FreshService macOS Agent < 4.4.0 and FreshService Linux Agent < 3.4.0 are vulnerable to TLS Man-in...
High | Unreviewed | CVE-2022-36173 was published Sep 13, 2022
On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP...
High | Unreviewed | CVE-2018-5502 was published May 14, 2022
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when...
High | Unreviewed | CVE-2016-9952 was published May 14, 2022
An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could...
High | Unreviewed | CVE-2018-6221 was published May 14, 2022
Huawei AR3200 V200R008C20, V200R008C30, TE40 V600R006C00, TE50 V600R006C00, TE60 V600R006C00 have...
High | Unreviewed | CVE-2017-15341 was published May 14, 2022
VOBOT CLOCK before 0.99.30 devices do not verify X.509 certificates from SSL servers, which...
High | Unreviewed | CVE-2018-6827 was published May 14, 2022
TitanHQ WebTitan Gateway has incorrect certificate validation for the TLS interception feature.
High | Unreviewed | CVE-2017-18227 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.