Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

524 advisories

Loading
Apache Tomcat affected by vulnerability in TLS and SSL protocol Moderate
CVE-2009-3555 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
MarkLee131 sunSUNQ
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is... Moderate Unreviewed
CVE-2009-3767 was published May 2, 2022
Cerulean Studios Trillian 3.1 Basic does not check SSL certificates during MSN authentication,... Moderate Unreviewed
CVE-2009-4831 was published May 2, 2022
`OCSP_basic_verify` may incorrectly verify the response signing certificate Moderate
CVE-2022-1343 was published for openssl-src (Rust) May 4, 2022
pinkforest
OpenStack Keystone and other components vulnerable to Improper Certificate Validation Moderate
CVE-2013-2255 was published for cinder (pip) May 5, 2022
Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of... Moderate Unreviewed
CVE-2021-27768 was published May 13, 2022
An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL... Moderate Unreviewed
CVE-2017-2913 was published May 13, 2022
An exploitable denial of service vulnerability exists within the reading of proprietary server... Moderate Unreviewed
CVE-2017-2836 was published May 13, 2022
An exploitable information disclosure vulnerability exists in the crash handler of the hubCore... Moderate Unreviewed
CVE-2018-3927 was published May 13, 2022
Trillian 5.1.0.19 does not verify that the server hostname matches a domain name in the subject's... Moderate Unreviewed
CVE-2012-5824 was published May 13, 2022
The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC... Moderate Unreviewed
CVE-2012-3037 was published May 13, 2022
The Thycotic Password Manager Secret Server application through 2.3 for iOS does not verify X.509... Moderate Unreviewed
CVE-2015-4094 was published May 13, 2022
The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates from SSL servers, which... Moderate Unreviewed
CVE-2017-8943 was published May 13, 2022
Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not... Moderate Unreviewed
CVE-2016-1184 was published May 13, 2022
The Warner Bros. ellentube app 3.1.1 through 3.1.3 for iOS does not verify X.509 certificates... Moderate Unreviewed
CVE-2017-8939 was published May 13, 2022
The Quest Information Systems Indiana Voters app 1.1.24 for iOS does not verify X.509... Moderate Unreviewed
CVE-2017-8935 was published May 13, 2022
Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and... Moderate Unreviewed
CVE-2016-4840 was published May 13, 2022
Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows... Moderate Unreviewed
CVE-2017-8060 was published May 13, 2022
The MoboTap Dolphin Web Browser - Fast Private Internet Search app 9.23.0 through 9.23.2 for iOS... Moderate Unreviewed
CVE-2017-8936 was published May 13, 2022
Improper Certificate Validation in Apache CXF Moderate
CVE-2017-5653 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to... Moderate Unreviewed
CVE-2018-18568 was published May 13, 2022
The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 certificates from SSL servers,... Moderate Unreviewed
CVE-2017-5914 was published May 13, 2022
The Radio Javan app 9.3.4 through 9.6.1 for iOS does not verify X.509 certificates from SSL... Moderate Unreviewed
CVE-2017-8938 was published May 13, 2022
MaLion for Mac 4.3.0 to 5.2.1 does not properly validate certificates, which may allow an... Moderate Unreviewed
CVE-2017-10819 was published May 13, 2022
Improper Certificate Validation in Apache Commons HttpClient Moderate
CVE-2012-5783 was published for commons-httpclient:commons-httpclient (Maven) May 13, 2022
ebickle
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database