Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

413 advisories

Loading
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on... High Unreviewed
CVE-2022-32509 was published May 14, 2024
Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and... High Unreviewed
CVE-2024-7570 was published Aug 13, 2024
Filestash skips TLS certificate verification process when sending out email verification codes High
CVE-2024-41256 was published for github.com/mickael-kerjean/filestash (Go) Jul 31, 2024
electron-updater Code Signing Bypass on Windows High
CVE-2024-39698 was published for electron-updater (npm) Jul 9, 2024
mmaietta thomas-chauchefoin-bentley-systems
eb-bsi
Beego privilege escalation vulnerability High
CVE-2024-40464 was published for github.com/beego/beego/v2 (Go) Jul 31, 2024
Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed... High Unreviewed
CVE-2024-6472 was published Aug 5, 2024
In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted... High Unreviewed
CVE-2023-40104 was published Feb 16, 2024
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the... High Unreviewed
CVE-2020-12614 was published Dec 12, 2023
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... High Unreviewed
CVE-2022-20703 was published Feb 11, 2022
The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the... High Unreviewed
CVE-2024-28872 was published Jul 11, 2024
An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3... High Unreviewed
CVE-2023-50178 was published Jul 9, 2024
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. High Unreviewed
CVE-2023-31484 was published Apr 29, 2023
A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism... High Unreviewed
CVE-2024-28021 was published Jun 11, 2024
Incorrect TLS certificate auth method in Vault High
CVE-2024-2048 was published for github.com/hashicorp/vault (Go) Mar 4, 2024
oscerd
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate... High Unreviewed
CVE-2024-35140 was published May 31, 2024
Helm uses crypto package vulnerable to panic from malformed X.509 certificate High
CVE-2020-7919 was published for github.com/helm/helm (Go) Jun 23, 2021
NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution... High Unreviewed
CVE-2023-35721 was published May 3, 2024
A vulnerability classified as critical has been found in cym1102 nginxWebUI up to 3.9.9. This... High Unreviewed
CVE-2024-3738 was published Apr 13, 2024
vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from... High Unreviewed
CVE-2012-5518 was published Apr 23, 2022
Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker... High Unreviewed
CVE-2023-30729 was published Sep 6, 2023
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers... High Unreviewed
CVE-2023-38356 was published Sep 19, 2023
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator... High Unreviewed
CVE-2023-20881 was published May 19, 2023
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to... High Unreviewed
CVE-2024-31871 was published Apr 10, 2024
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been... High Unreviewed
CVE-2022-27782 was published Jun 3, 2022
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to... High Unreviewed
CVE-2020-8286 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database