Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
Host name validation for TLS certificates is bypassed when the installed OpenEdge default... High Unreviewed
CVE-2024-7346 was published Sep 3, 2024
Missing hostname validation in Kroxylicious High
CVE-2024-8285 was published for io.kroxylicious:kroxylicious-runtime (Maven) Aug 31, 2024
An issue was discovered in Ada Web Server 20.0. When configured to use SSL (which is not the... High Unreviewed
CVE-2024-37015 was published Aug 13, 2024
KEPServerEX does not properly validate certificates from clients which may allow... High Unreviewed
CVE-2023-5909 was published Dec 1, 2023
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on... High Unreviewed
CVE-2023-34143 was published Jul 18, 2023
A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate... High Unreviewed
CVE-2020-14387 was published May 24, 2022
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG... High Unreviewed
CVE-2019-13050 was published May 24, 2022
Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Apache Sling Commons Messaging Mail High
CVE-2021-44549 was published for org.apache.sling:org.apache.sling.commons.messaging.mail (Maven) Dec 16, 2021
Disabled Hostname Verification in Opencast High
CVE-2020-26234 was published for org.opencastproject:opencast-kernel (Maven) Dec 8, 2020
intrigus-lgtm
Improper Validation of Certificate with Host Mismatch in Java-WebSocket High
CVE-2020-11050 was published for org.java-websocket:Java-WebSocket (Maven) May 8, 2020
p-
ProTip! Advisories are also available from the GraphQL API