Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,343
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

849 advisories

Loading
When using Ingest Actions to configure a destination that resides on Amazon Simple Storage... Critical Unreviewed
CVE-2022-37437 was published Aug 17, 2022
In BIG-IP Versions 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x,... Critical Unreviewed
CVE-2022-34865 was published Aug 5, 2022
When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not... High Unreviewed
CVE-2022-1805 was published Jul 29, 2022
An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a... Critical Unreviewed
CVE-2022-26305 was published Jul 26, 2022
A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an... High Unreviewed
CVE-2022-20860 was published Jul 22, 2022
IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter... High Unreviewed
CVE-2021-29755 was published Jul 21, 2022
In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not... High Unreviewed
CVE-2020-16093 was published Jul 19, 2022
A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0... Moderate Unreviewed
CVE-2021-22131 was published Jul 19, 2022
A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL:... Critical Unreviewed
CVE-2014-8164 was published Jul 7, 2022
Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway... Moderate Unreviewed
CVE-2022-20813 was published Jul 7, 2022
The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not... Critical Unreviewed
CVE-2022-32151 was published Jun 16, 2022
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform... High Unreviewed
CVE-2022-32152 was published Jun 16, 2022
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line... Critical Unreviewed
CVE-2022-32156 was published Jun 16, 2022
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform... High Unreviewed
CVE-2022-32153 was published Jun 16, 2022
'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server... Moderate Unreviewed
CVE-2022-29482 was published Jun 15, 2022
Multiple vulnerabilities vulnerability in Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service... High Unreviewed
CVE-2022-26493 was published Jun 4, 2022
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been... High Unreviewed
CVE-2022-27782 was published Jun 3, 2022
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses... Moderate Unreviewed
CVE-2022-26491 was published Jun 3, 2022
Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain an Improper Certificate... High Unreviewed
CVE-2020-26184 was published Jun 2, 2022
Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0... Moderate Unreviewed
CVE-2022-29082 was published May 27, 2022
A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5,... Moderate Unreviewed
CVE-2022-26766 was published May 27, 2022
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0... Moderate Unreviewed
CVE-2022-22306 was published May 25, 2022
Summary - The certificate used to identify Orchestrator to EdgeConnect devices is not validated... Moderate Unreviewed
CVE-2020-12143 was published May 24, 2022
Details The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is... Moderate Unreviewed
CVE-2020-12144 was published May 24, 2022
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax... Moderate Unreviewed
CVE-2020-5367 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database