GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,255

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

524 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android 2.1.16.1 and earlier do not... Moderate Unreviewed

CVE-2016-4830 was published May 13, 2022

The ServerTrustManager component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not... Moderate Unreviewed

CVE-2014-0363 was published May 13, 2022

Improper Certificate Validation in OkHttp Moderate

CVE-2016-2402 was published for com.squareup.okhttp3:okhttp (Maven) May 13, 2022

The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu... Moderate Unreviewed

CVE-2016-1252 was published May 13, 2022

Prior to v 7.6, the Install Norton Security (INS) product can be susceptible to a certificate... Moderate Unreviewed

CVE-2017-15528 was published May 13, 2022

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3,... Moderate Unreviewed

CVE-2013-0776 was published May 13, 2022

The "Community State Bank - Lamar Mobile Banking" by Community State Bank - Lamar app 3.0.3 --... Moderate Unreviewed

CVE-2017-9585 was published May 13, 2022

The "PCB Mobile" by Phelps County Bank app 3.0.2 -- aka pcb-mobile/id436891295 for iOS does not... Moderate Unreviewed

CVE-2017-9591 was published May 13, 2022

The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates from SSL servers, which... Moderate Unreviewed

CVE-2017-5902 was published May 13, 2022

The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509 certificates from SSL servers,... Moderate Unreviewed

CVE-2017-5905 was published May 13, 2022

The Space Coast Credit Union Mobile app 2.2 for iOS and 2.1.0.1104 for Android does not verify X... Moderate Unreviewed

CVE-2017-3212 was published May 13, 2022

Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate... Moderate Unreviewed

CVE-2010-4685 was published May 13, 2022

Google Chrome before 14.0.835.163 does not perform an expected pin operation for a self-signed... Moderate Unreviewed

CVE-2011-2874 was published May 13, 2022

Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service ... Moderate Unreviewed

CVE-2011-3024 was published May 13, 2022

Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a... Moderate Unreviewed

CVE-2011-3061 was published May 13, 2022

Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification... Moderate Unreviewed

CVE-2016-1000033 was published May 13, 2022

Cyberduck before 4.4.4 on Windows does not properly validate X.509 certificate chains, which... Moderate Unreviewed

CVE-2014-2845 was published May 13, 2022

Kubevirt/virt-cdi-importer, versions 1.4.0 to 1.5.3 inclusive, were reported to disable TLS... Moderate Unreviewed

CVE-2019-3841 was published May 13, 2022

A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow... Moderate Unreviewed

CVE-2019-1757 was published May 13, 2022

IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to obtain sensitive information,... Moderate Unreviewed

CVE-2018-1543 was published May 13, 2022

Keycloak Authentication Error Moderate

CVE-2018-10894 was published for org.keycloak:keycloak-saml-adapter-core (Maven) May 13, 2022

A vulnerability in the certificate management subsystem of Cisco AnyConnect Network Access... Moderate Unreviewed

CVE-2018-0334 was published May 13, 2022

An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If... Moderate Unreviewed

CVE-2017-8445 was published May 13, 2022

An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX... Moderate Unreviewed

CVE-2017-7932 was published May 13, 2022

It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to... Moderate Unreviewed

CVE-2017-7513 was published May 13, 2022

Previous 1 2 3 4 5 6 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

524 advisories