Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

401 advisories

Loading
HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable. Moderate Unreviewed
CVE-2024-30149 was published Oct 31, 2024
IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the... Moderate Unreviewed
CVE-2024-43177 was published Oct 22, 2024
Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper... Moderate Unreviewed
CVE-2024-47241 was published Oct 18, 2024
An issue was discovered in Samsung eMMC with KLMAG2GE4A and KLM8G1WEMB firmware. Code bypass... Moderate Unreviewed
CVE-2024-31955 was published Oct 15, 2024
A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard Orchestrator (NDO) could... Moderate Unreviewed
CVE-2024-20385 was published Oct 2, 2024
In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered. Moderate Unreviewed
CVE-2024-9160 was published Sep 27, 2024
Improper Certificate Validation in Checkmk Exchange plugin MikroTik allows attackers in MitM... Moderate Unreviewed
CVE-2024-38861 was published Sep 27, 2024
The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially... Moderate Unreviewed
CVE-2024-30134 was published Sep 26, 2024
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server... Moderate Unreviewed
CVE-2024-38324 was published Sep 25, 2024
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP... Moderate Unreviewed
CVE-2024-8096 was published Sep 11, 2024
AAn improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7... Moderate Unreviewed
CVE-2024-31489 was published Sep 10, 2024
An improper certificate validation vulnerability [CWE-295] in FortiClientWindows 6.4 all versions... Moderate Unreviewed
CVE-2022-45856 was published Sep 10, 2024
QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate... Moderate Unreviewed
CVE-2024-39771 was published Aug 28, 2024
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with... Moderate Unreviewed
CVE-2023-50314 was published Aug 14, 2024
IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network... Moderate Unreviewed
CVE-2023-50315 was published Aug 14, 2024
A flaw was found in libnbd. The client did not always correctly verify the NBD server's... Moderate Unreviewed
CVE-2024-7383 was published Aug 5, 2024
Under certain circumstances the exacqVision Server will not properly validate TLS certificates... Moderate Unreviewed
CVE-2024-32865 was published Aug 2, 2024
An issue in S3Browser v.11.4.5 and v.10.9.9 and fixed in v.11.5.7 allows a remote attacker to... Moderate Unreviewed
CVE-2024-37865 was published Jul 9, 2024
A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to... Moderate Unreviewed
CVE-2024-28067 was published Jul 9, 2024
An improper certificate validation vulnerability [CWE-295] in FortiWeb 7.2.0 through 7.2.1, 7.0... Moderate Unreviewed
CVE-2024-33509 was published Jul 9, 2024
An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2 all versions, 7... Moderate Unreviewed
CVE-2023-50179 was published Jul 9, 2024
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is... Moderate Unreviewed
CVE-2024-25053 was published Jun 29, 2024
In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper... Moderate Unreviewed
CVE-2024-35299 was published May 16, 2024
An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may... Moderate Unreviewed
CVE-2024-33612 was published May 8, 2024
In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used... Moderate Unreviewed
CVE-2024-0042 was published May 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database