GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
413 advisories
Improper following of a certificate's chain of trust vulnerability in DAP-1880AC firmware version...
High · Unreviewed · CVE-2021-20695 was published May 24, 2022

HashiCorp Vault and Vault Enterprise Cassandra integrations (storage backend and database secrets...
High · Unreviewed · CVE-2021-27400 was published May 24, 2022

HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude...
High · Unreviewed · CVE-2021-29653 was published May 24, 2022

The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux...
High · Unreviewed · CVE-2021-27899 was published May 24, 2022

Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to...
High · Unreviewed · CVE-2021-22189 was published May 24, 2022

A flaw was found in stunnel before 5.57, where it improperly validates client certificates when...
High · Unreviewed · CVE-2021-20230 was published May 24, 2022

core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for...
High · Unreviewed · CVE-2021-26911 was published May 24, 2022

Improper Certificate Validation in Microsoft .NET Framework components
High · CVE-2018-0786 was published for Microsoft.NETCore.UniversalWindowsPlatform (NuGet) · Oct 16, 2018

packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they...
High · Unreviewed · CVE-2021-3309 was published May 24, 2022

An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts...
High · Unreviewed · CVE-2020-35733 was published May 24, 2022

In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for...
High · Unreviewed · CVE-2021-0341 was published May 24, 2022

Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from...
High · Unreviewed · CVE-2020-8289 was published May 24, 2022

Ptarmigan before 0.2.3 lacks API token validation, e.g., an "if (token === apiToken) {return true...
High · Unreviewed · CVE-2019-16281 was published May 24, 2022

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 ...
High · Unreviewed · CVE-2020-15604 was published May 24, 2022

A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a...
High · Unreviewed · CVE-2020-8241 was published May 24, 2022

Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0...
High · Unreviewed · CVE-2020-8279 was published May 24, 2022

In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS...
High · Unreviewed · CVE-2019-17007 was published May 24, 2022

Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
High · Unreviewed · CVE-2020-28362 was published May 24, 2022

When Security Assertion Markup Language (SAML) authentication is enabled, Juniper Networks Mist...
High · Unreviewed · CVE-2020-1675 was published May 24, 2022

VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack...
High · Unreviewed · CVE-2020-3994 was published May 24, 2022

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third...
High · Unreviewed · CVE-2020-15719 was published May 24, 2022

In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5...
High · Unreviewed · CVE-2020-5913 was published May 24, 2022

Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to...
High · Unreviewed · CVE-2021-43766 was published Aug 26, 2022

In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not...
High · Unreviewed · CVE-2020-16093 was published Jul 19, 2022

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its...
High · Unreviewed · CVE-2019-7229 was published May 24, 2022