GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,051 advisories
Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature...
Moderate | Unreviewed | CVE-2021-21571 was published May 24, 2022

While processing server certificate from IPSec server, certificate validation for subject...
Critical | Unreviewed | CVE-2020-11176 was published May 24, 2022

The ATOM (ATOM - Smart life App for Android versions prior to 1.8.1 and ATOM - Smart life App for...
Moderate | Unreviewed | CVE-2021-20732 was published May 24, 2022

All versions of GitLab CE/EE starting with 12.8 were affected by an issue in the handling of x509...
Moderate | Unreviewed | CVE-2021-22218 was published May 24, 2022

An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0...
High | Unreviewed | CVE-2021-24012 was published May 24, 2022

'Hulu / ????' App for iOS versions prior to 3.0.81 improperly verifies server certificates, which...
Moderate | Unreviewed | CVE-2022-34156 was published Aug 17, 2022

libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds,...
High | Unreviewed | CVE-2016-20011 was published May 24, 2022

The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation.
Moderate | Unreviewed | CVE-2021-27189 was published May 24, 2022

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by an information disclosure...
Moderate | Unreviewed | CVE-2020-36127 was published May 24, 2022

Improper following of a certificate's chain of trust vulnerability in DAP-1880AC firmware version...
High | Unreviewed | CVE-2021-20695 was published May 24, 2022

Dell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x 19.3.x, 19.4, and 19.4.0.1 contain an Improper...
Moderate | Unreviewed | CVE-2021-21559 was published May 24, 2022

HashiCorp Vault and Vault Enterprise Cassandra integrations (storage backend and database secrets...
High | Unreviewed | CVE-2021-27400 was published May 24, 2022

HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude...
High | Unreviewed | CVE-2021-29653 was published May 24, 2022

DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not cease processing for...
Critical | Unreviewed | CVE-2021-3336 was published May 24, 2022

The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux...
High | Unreviewed | CVE-2021-27899 was published May 24, 2022

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber...
Moderate | Unreviewed | CVE-2021-1471 was published May 24, 2022

The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server...
Critical | Unreviewed | CVE-2021-3460 was published May 24, 2022

Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support...
Low | Unreviewed | CVE-2022-34394 was published Sep 29, 2022

Apache Pulsar Brokers and Proxies vulnerable to Improper Certificate Validation
Moderate | CVE-2022-33683 was published for org.apache.pulsar:pulsar-broker (Maven) Sep 25, 2022

Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to...
High | Unreviewed | CVE-2021-22189 was published May 24, 2022

A flaw was found in stunnel before 5.57, where it improperly validates client certificates when...
High | Unreviewed | CVE-2021-20230 was published May 24, 2022

core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for...
High | Unreviewed | CVE-2021-26911 was published May 24, 2022

Improper Certificate Validation in Microsoft .NET Framework components
High | CVE-2018-0786 was published for Microsoft.NETCore.UniversalWindowsPlatform (NuGet) Oct 16, 2018

ELECOM WRC-300FEBK-S contains an improper certificate validation vulnerability. Via a man-in-the...
Moderate | Unreviewed | CVE-2021-20649 was published May 24, 2022

A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS)...
Low | Unreviewed | CVE-2021-1354 was published May 24, 2022