Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

413 advisories

Loading
TCPDF missing certificate validation High
CVE-2024-56521 was published for tecnickcom/tcpdf (Composer) Dec 27, 2024
An improper validation vulnerability was reported in the firmware update mechanism of LADM and... High Unreviewed
CVE-2024-4762 was published Dec 16, 2024
An improper certificate validation vulnerability was reported in LADM that could allow a network... High Unreviewed
CVE-2024-6001 was published Dec 16, 2024
djoser Authentication Bypass High
CVE-2024-21543 was published for djoser (pip) Dec 13, 2024
An improper certificate validation vulnerability has been reported to affect several QNAP... High Unreviewed
CVE-2024-48865 was published Dec 6, 2024
An Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point ... High Unreviewed
CVE-2024-45205 was published Dec 4, 2024
An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app... High Unreviewed
CVE-2024-5921 was published Nov 27, 2024
Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination High
CVE-2024-10039 was published for org.keycloak:keycloak-core (Maven) Nov 25, 2024
ahus1 westonsteimel
NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-51634 was published Nov 22, 2024
A vulnerability in the certificate validation of Cisco Expressway-C and Cisco&nbsp... High Unreviewed
CVE-2022-20814 was published Nov 15, 2024
qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors. High Unreviewed
CVE-2024-51774 was published Nov 2, 2024
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality... High Unreviewed
CVE-2023-49570 was published Oct 18, 2024
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality... High Unreviewed
CVE-2023-6055 was published Oct 18, 2024
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning... High Unreviewed
CVE-2023-49567 was published Oct 18, 2024
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality... High Unreviewed
CVE-2023-6057 was published Oct 18, 2024
A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The... High Unreviewed
CVE-2023-6058 was published Oct 18, 2024
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality... High Unreviewed
CVE-2023-6056 was published Oct 18, 2024
Agent Dart is missing certificate verification checks High
CVE-2024-48915 was published for agent_dart (Pub) Oct 15, 2024
eduarddfinity AlexV525
Windows Secure Channel Spoofing Vulnerability High Unreviewed
CVE-2024-43550 was published Oct 8, 2024
SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS... High Unreviewed
CVE-2024-7206 was published Oct 8, 2024
Rancher agents can be hijacked by taking over the Rancher Server URL High
CVE-2024-22030 was published for github.com/rancher/rancher (Go) Sep 26, 2024
The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024... High Unreviewed
CVE-2024-43201 was published Sep 23, 2024
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS... High Unreviewed
CVE-2024-8287 was published Sep 18, 2024
An improper certificate validation vulnerability in TLS certificate validation allows an attacker... High Unreviewed
CVE-2024-40714 was published Sep 7, 2024
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an... High Unreviewed
CVE-2024-41996 was published Aug 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database