GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
413 advisories
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can...
High | Unreviewed | CVE-2024-25642 was published Feb 13, 2024

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a...
High | Unreviewed | CVE-2023-43017 was published Feb 7, 2024

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an...
High | Unreviewed | CVE-2023-32330 was published Feb 7, 2024

Boundary vulnerable to session hijacking through TLS certificate tampering
High | CVE-2024-1052 was published for github.com/hashicorp/boundary (Go) Feb 5, 2024

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,...
High | Unreviewed | CVE-2020-29504 was published Feb 2, 2024

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local...
High | Unreviewed | CVE-2023-6043 was published Jan 19, 2024

Improper validation of the server’s certificate chain in secure traffic scanning feature...
High | Unreviewed | CVE-2023-5594 was published Dec 21, 2023

A vulnerability exists in the component RTU500 Scripting interface. When a client connects to a...
High | Unreviewed | CVE-2023-1514 was published Dec 19, 2023

An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all...
High | Unreviewed | CVE-2023-6680 was published Dec 15, 2023

An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the...
High | Unreviewed | CVE-2020-12614 was published Dec 12, 2023

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected...
High | Unreviewed | CVE-2023-48427 was published Dec 12, 2023

Permission verification vulnerability in distributed scenarios. Successful exploitation of this...
High | Unreviewed | CVE-2023-49247 was published Dec 6, 2023

KEPServerEX does not properly validate certificates from clients which may allow...
High | Unreviewed | CVE-2023-5909 was published Dec 1, 2023

Precision Bridge PrecisionBridge.exe (aka the thick client) before 7.3.21 allows an integrity...
High | Unreviewed | CVE-2023-49312 was published Nov 27, 2023

Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component....
High | Unreviewed | CVE-2023-43082 was published Nov 22, 2023

HTTPie allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack
High | CVE-2023-48052 was published for httpie (pip) Nov 16, 2023

Missing SSL certificate validation in localstack
High | CVE-2023-48054 was published for localstack (pip) Nov 16, 2023

Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote...
High | Unreviewed | CVE-2023-42532 was published Nov 13, 2023

In UWB Google, there is a possible way for a malicious app to masquerade as system app com...
High | Unreviewed | CVE-2023-21358 was published Oct 30, 2023

It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet...
High | Unreviewed | CVE-2023-31421 was published Oct 26, 2023

A potential security vulnerability has been identified in the HP ThinUpdate utility (also known...
High | Unreviewed | CVE-2023-4499 was published Oct 13, 2023

MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers...
High | Unreviewed | CVE-2023-38356 was published Sep 19, 2023

MiniTool Movie Maker 4.1 contains an insecure installation process that allows attackers to...
High | Unreviewed | CVE-2023-38354 was published Sep 19, 2023

MiniTool Movie Maker 6.1.0 contains an insecure installation process that allows attackers to...
High | Unreviewed | CVE-2023-38355 was published Sep 19, 2023

MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers...
High | Unreviewed | CVE-2023-38351 was published Sep 19, 2023