Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

849 advisories

Loading
Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in... High Unreviewed
CVE-2020-15732 was published May 24, 2022
A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco... High Unreviewed
CVE-2021-1566 was published May 24, 2022
The ATOM (ATOM - Smart life App for Android versions prior to 1.8.1 and ATOM - Smart life App for... Moderate Unreviewed
CVE-2021-20732 was published May 24, 2022
While processing server certificate from IPSec server, certificate validation for subject... Critical Unreviewed
CVE-2020-11176 was published May 24, 2022
All versions of GitLab CE/EE starting with 12.8 were affected by an issue in the handling of x509... Moderate Unreviewed
CVE-2021-22218 was published May 24, 2022
Dell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x 19.3.x, 19.4, and 19.4.0.1 contain an Improper... Moderate Unreviewed
CVE-2021-21559 was published May 24, 2022
An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0... High Unreviewed
CVE-2021-24012 was published May 24, 2022
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to... High Unreviewed
CVE-2021-22909 was published May 24, 2022
libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds,... High Unreviewed
CVE-2016-20011 was published May 24, 2022
Incorrect SSL certificate validation in Nagios Fusion 4.1.8 and earlier allows for Escalation of... Critical Unreviewed
CVE-2020-28907 was published May 24, 2022
An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback... High Unreviewed
CVE-2021-32919 was published May 24, 2022
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by an information disclosure... Moderate Unreviewed
CVE-2020-36127 was published May 24, 2022
Improper following of a certificate's chain of trust vulnerability in DAP-1880AC firmware version... High Unreviewed
CVE-2021-20695 was published May 24, 2022
HashiCorp Vault and Vault Enterprise Cassandra integrations (storage backend and database secrets... High Unreviewed
CVE-2021-27400 was published May 24, 2022
HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude... High Unreviewed
CVE-2021-29653 was published May 24, 2022
Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older initiate SSH... Moderate Unreviewed
CVE-2021-20989 was published May 24, 2022
The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server... Critical Unreviewed
CVE-2021-3460 was published May 24, 2022
The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux... High Unreviewed
CVE-2021-27899 was published May 24, 2022
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber... Moderate Unreviewed
CVE-2021-1471 was published May 24, 2022
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded... Moderate Unreviewed
CVE-2021-27257 was published May 24, 2022
Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to... High Unreviewed
CVE-2021-22189 was published May 24, 2022
The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation. Moderate Unreviewed
CVE-2021-27189 was published May 24, 2022
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when... High Unreviewed
CVE-2021-20230 was published May 24, 2022
core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for... High Unreviewed
CVE-2021-26911 was published May 24, 2022
ELECOM WRC-300FEBK-S contains an improper certificate validation vulnerability. Via a man-in-the... Moderate Unreviewed
CVE-2021-20649 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database