GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
849 advisories
Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of...
Moderate | Unreviewed | CVE-2022-3913 was published Feb 2, 2023

Selfwealth iOS mobile App 3.3.1 is vulnerable to Insecure App Transport Security (ATS) Settings.
High | Unreviewed | CVE-2023-23131 was published Feb 1, 2023

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation...
Critical | Unreviewed | CVE-2022-45100 was published Feb 1, 2023

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default...
High | Unreviewed | CVE-2020-36658 was published Jan 27, 2023

In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by...
High | Unreviewed | CVE-2020-36659 was published Jan 27, 2023

Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for...
High | Unreviewed | CVE-2023-23690 was published Jan 19, 2023

Information disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for...
High | Unreviewed | CVE-2022-42979 was published Jan 6, 2023

When importing a revoked key that specified key compromise as the revocation reason, Thunderbird...
Moderate | Unreviewed | CVE-2022-1197 was published Dec 22, 2022

When displaying the sender of an email, and the sender name contained the Braille Pattern Blank...
Moderate | Unreviewed | CVE-2022-1834 was published Dec 22, 2022

After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the...
Moderate | Unreviewed | CVE-2022-22747 was published Dec 22, 2022

When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should...
High | Unreviewed | CVE-2022-34469 was published Dec 22, 2022

If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS...
Moderate | Unreviewed | CVE-2022-45419 was published Dec 22, 2022

A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an...
High | Unreviewed | CVE-2022-20960 was published Nov 4, 2022

A certificate validation issue existed in the handling of WKWebView. This issue was addressed...
Critical | Unreviewed | CVE-2022-42813 was published Nov 2, 2022

An improper certification validation vulnerability in Trend Micro Apex One agents could allow a...
High | Unreviewed | CVE-2022-41747 was published Oct 11, 2022

A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). The...
High | Unreviewed | CVE-2022-40147 was published Oct 11, 2022

Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support...
Low | Unreviewed | CVE-2022-34394 was published Sep 29, 2022

Velneo vClient on its 28.1.3 version, does not correctly check the certificate of authenticity by...
Moderate | Unreviewed | CVE-2021-45035 was published Sep 25, 2022

An issue was discovered in Keyfactor PrimeKey EJBCA before 7.9.0, related to possible...
Critical | Unreviewed | CVE-2022-34831 was published Sep 15, 2022

FreshService macOS Agent < 4.4.0 and FreshService Linux Agent < 3.4.0 are vulnerable to TLS Man-in...
High | Unreviewed | CVE-2022-36173 was published Sep 13, 2022

An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with...
Moderate | Unreviewed | CVE-2022-1632 was published Sep 2, 2022

Odyssey passes to server unencrypted bytes from man-in-the-middle. When Odyssey is configured to...
High | Unreviewed | CVE-2021-43766 was published Aug 26, 2022

Odyssey passes to client unencrypted bytes from man-in-the-middle. When Odyssey storage is...
Moderate | Unreviewed | CVE-2021-43767 was published Aug 26, 2022

A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is...
Moderate | Unreviewed | CVE-2021-3798 was published Aug 24, 2022

'Hulu / フールー' App for iOS versions prior to 3.0.81 improperly verifies server certificates, which...
Moderate | Unreviewed | CVE-2022-34156 was published Aug 17, 2022

ProTip! Advisories are also available from the GraphQL API.