GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,050 advisories
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an...
Moderate | Unreviewed | CVE-2020-9525 was published May 24, 2022

OpenSSL has internal defaults for a directory tree where it can find a configuration file as well...
Low | Unreviewed | CVE-2019-1552 was published May 24, 2022

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third...
High | Unreviewed | CVE-2020-15719 was published May 24, 2022

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips...
Moderate | Unreviewed | CVE-2020-13645 was published May 24, 2022

TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and ...
Moderate | Unreviewed | CVE-2020-8172 was published May 24, 2022

Improper Certificate Validation in Microsoft .NET Framework components
Moderate | CVE-2018-8356 was published for System.Private.ServiceModel (NuGet) May 14, 2022

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet...
Moderate | Unreviewed | CVE-2020-11580 was published May 24, 2022

In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5...
High | Unreviewed | CVE-2020-5913 was published May 24, 2022

Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to...
High | Unreviewed | CVE-2021-43766 was published Aug 26, 2022

Odyssey passes to client unencrypted bytes from man-in-the-middle When Odyssey storage is...
Moderate | Unreviewed | CVE-2021-43767 was published Aug 26, 2022

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c...
Moderate | Unreviewed | CVE-2020-7042 was published May 24, 2022

In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not...
High | Unreviewed | CVE-2020-16093 was published Jul 19, 2022

Apache Pulsar Broker, Proxy, and WebSocket Proxy vulnerable to Improper Certificate Validation
Moderate | CVE-2022-33682 was published for org.apache.pulsar:pulsar-broker (Maven) Sep 25, 2022

Apache Pulsar Java Client vulnerable to Improper Certificate Validation
Moderate | CVE-2022-33681 was published for org.apache.pulsar:pulsar-client (Maven) Sep 25, 2022

Sensitive information disclosure vulnerability resulting from a lack of certificate validation...
Moderate | Unreviewed | CVE-2019-5537 was published May 24, 2022

An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt,...
Moderate | Unreviewed | CVE-2019-5101 was published May 24, 2022

Sensitive information disclosure vulnerability resulting from a lack of certificate validation...
Moderate | Unreviewed | CVE-2019-5538 was published May 24, 2022

An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt,...
Moderate | Unreviewed | CVE-2019-5102 was published May 24, 2022

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its...
High | Unreviewed | CVE-2019-7229 was published May 24, 2022

Apache Pulsar Disabled Certificate Validation for OAuth Client Credential Requests makes C++/Python Clients vulnerable to MITM attack
High | CVE-2022-33684 was published for pulsar-client (pip) Nov 4, 2022

An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019...
Moderate | Unreviewed | CVE-2019-14334 was published May 24, 2022

Traefik routes exposed with an empty TLSOption
Moderate | CVE-2022-46153 was published for github.com/traefik/traefik/v2 (Go) Dec 8, 2022

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0...
High | Unreviewed | CVE-2022-22787 was published May 19, 2022

IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not...
Moderate | Unreviewed | CVE-2021-29726 was published May 18, 2022

A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by...
Moderate | Unreviewed | CVE-2013-10001 was published May 18, 2022