GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
524 advisories
Sensitive information disclosure and manipulation due to improper certification validation. The...
Moderate, Unreviewed: CVE-2022-45457 was published May 18, 2023

Sensitive information disclosure and manipulation due to improper certification validation. The...
Moderate, Unreviewed: CVE-2022-45458 was published May 18, 2023

Jenkins SAML Single Sign On(SSO) Plugin unconditionally disables SSL/TLS certificate validation
Moderate: CVE-2023-32994 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023

in-toto: PGP trust model not (fully) considered
Moderate: GHSA-jjgp-whrp-gq8m was published for in-toto (pip) May 11, 2023

An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories...
Moderate, Unreviewed: CVE-2023-31151 was published May 10, 2023

Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01...
Moderate, Unreviewed: CVE-2023-23901 was published May 10, 2023

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty...
Moderate, Unreviewed: CVE-2022-39161 was published May 3, 2023

GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server,...
Moderate, Unreviewed: CVE-2023-31485 was published Apr 29, 2023

Jenkins NeuVector Vulnerability Scanner Plugin disables SSL/TLS certificate and hostname validation
Moderate: CVE-2023-30517 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) Apr 12, 2023

Jenkins Image Tag Parameter Plugin improperly introduces option to opt out of SSL/TLS certificate validation
Moderate: CVE-2023-30516 was published for org.jenkins-ci.plugins:image-tag-parameter (Maven) Apr 12, 2023

An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2...
Moderate, Unreviewed: CVE-2022-48437 was published Apr 12, 2023

A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All...
Moderate, Unreviewed: CVE-2023-23588 was published Apr 11, 2023

Allegro Tech BigFlow vulnerable to Missing SSL Certificate Validation
Moderate: CVE-2023-25392 was published for bigflow (pip) Apr 10, 2023

Applications that use a non-default option when verifying certificates may be vulnerable to an...
Moderate, Unreviewed: CVE-2023-0465 was published Mar 28, 2023

The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate...
Moderate, Unreviewed: CVE-2023-0466 was published Mar 28, 2023

A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the...
Moderate, Unreviewed: CVE-2023-1055 was published Feb 28, 2023

Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of...
Moderate, Unreviewed: CVE-2022-48306 was published Feb 16, 2023

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions...
Moderate, Unreviewed: CVE-2023-22943 was published Feb 14, 2023

Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0...
Moderate, Unreviewed: CVE-2023-22367 was published Feb 13, 2023

Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in...
Moderate, Unreviewed: CVE-2022-34404 was published Feb 11, 2023

BTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate.
Moderate, Unreviewed: CVE-2022-46496 was published Feb 7, 2023

Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of...
Moderate, Unreviewed: CVE-2022-3913 was published Feb 2, 2023

When importing a revoked key that specified key compromise as the revocation reason, Thunderbird...
Moderate, Unreviewed: CVE-2022-1197 was published Dec 22, 2022

After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the...
Moderate, Unreviewed: CVE-2022-22747 was published Dec 22, 2022

When displaying the sender of an email, and the sender name contained the Braille Pattern Blank...
Moderate, Unreviewed: CVE-2022-1834 was published Dec 22, 2022