GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
524 advisories
On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates...
Moderate · Unreviewed · CVE-2017-3182 was published May 13, 2022
Jenkins SSH Build Agents Plugin did not verify host keys
Moderate · CVE-2017-2648 was published for org.jenkins-ci.plugins:ssh-slaves (Maven) May 13, 2022
It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG...
Moderate · Unreviewed · CVE-2017-2623 was published May 13, 2022
curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks...
Moderate · Unreviewed · CVE-2017-2629 was published May 13, 2022
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 does not validate, or...
Moderate · Unreviewed · CVE-2017-1265 was published May 13, 2022
IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) does not validate, or incorrectly...
Moderate · Unreviewed · CVE-2017-1200 was published May 13, 2022
Hi Security Virus Cleaner - Antivirus, Booster, 3.7.1.1329, 2017-09-13, Android application...
Moderate · Unreviewed · CVE-2017-13105 was published May 13, 2022
A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin....
Moderate · Unreviewed · CVE-2017-12195 was published May 13, 2022
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and...
Moderate · Unreviewed · CVE-2017-12228 was published May 13, 2022
IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay...
Moderate · Unreviewed · CVE-2016-2922 was published May 13, 2022
The Shein Group Ltd. "SHEIN - Fashion Shopping" app -- aka shein fashion-shopping/id878577184 --...
Moderate · Unreviewed · CVE-2017-14710 was published May 13, 2022
The Apple Music (aka com.apple.android.music) application before 2.0 for Android does not verify...
Moderate · Unreviewed · CVE-2017-2387 was published May 13, 2022
LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied...
Moderate · Unreviewed · CVE-2017-8301 was published May 13, 2022
In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, there is a Privilege...
Moderate · Unreviewed · CVE-2018-16261 was published May 13, 2022
Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjack output or the Logstash...
Moderate · Unreviewed · CVE-2015-5619 was published May 14, 2022
NixOS 17.03 and earlier has an unintended default absence of SSL Certificate Validation for LDAP....
Moderate · Unreviewed · CVE-2017-11501 was published May 14, 2022
Improper Certificate Validation in Jenkins
Moderate · CVE-2017-1000396 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
The C client and C-based client bindings in the Apache Qpid Proton library before 0.13.1 on...
Moderate · Unreviewed · CVE-2016-4467 was published May 14, 2022
rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Gluster Storage 2.1...
Moderate · Unreviewed · CVE-2015-1777 was published May 14, 2022
When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2...
Moderate · Unreviewed · CVE-2017-15698 was published May 14, 2022
The MasterCard Qkr! app before 5.0.8 for iOS has Missing SSL Certificate Validation. NOTE: this...
Moderate · Unreviewed · CVE-2019-6702 was published May 14, 2022
The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the...
Moderate · Unreviewed · CVE-2014-1266 was published May 14, 2022
In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default configuration, certificate...
Moderate · Unreviewed · CVE-2019-8337 was published May 14, 2022
Cloud Foundry vulnerable to Improper Certificate Validation
Moderate · CVE-2016-5016 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 14, 2022
The RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2.2, D5510 V1.3 to V2.2, the...
Moderate · Unreviewed · CVE-2018-16187 was published May 14, 2022