Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

413 advisories

Loading
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to... High Unreviewed
CVE-2023-38352 was published Sep 19, 2023
An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent... High Unreviewed
CVE-2023-4801 was published Sep 13, 2023
Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker... High Unreviewed
CVE-2023-30729 was published Sep 6, 2023
If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of... High Unreviewed
CVE-2023-1409 was published Aug 23, 2023
In multiple locations, there are root CA certificates which need to be disabled. This could lead... High Unreviewed
CVE-2023-21265 was published Aug 14, 2023
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on... High Unreviewed
CVE-2023-34143 was published Jul 18, 2023
If a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension)... High Unreviewed
CVE-2023-3724 was published Jul 18, 2023
Mattermost iOS app fails to properly validate the server certificate while initializing the TLS... High Unreviewed
CVE-2023-3615 was published Jul 17, 2023
cryptography mishandles SSH certificates High
CVE-2023-38325 was published for cryptography (pip) Jul 14, 2023
alanc tiran
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper... High Unreviewed
CVE-2023-31190 was published Jul 11, 2023
Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual... High Unreviewed
CVE-2021-21548 was published Jul 6, 2023
A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software... High Unreviewed
CVE-2022-32748 was published Jul 6, 2023
A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32... High Unreviewed
CVE-2023-23546 was published Jul 6, 2023
Keycloak vulnerable to Improper Client Certificate Validation for OAuth/OpenID clients High
CVE-2023-2422 was published for org.keycloak:keycloak-services (Maven) Jun 30, 2023
artsploit
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and... High Unreviewed
CVE-2023-30222 was published Jun 16, 2023
SSL/TLS certificate validation disabled by default in Jenkins Checkmarx Plugin High
CVE-2023-35142 was published for com.checkmarx.jenkins:checkmarx (Maven) Jun 14, 2023
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator... High Unreviewed
CVE-2023-20881 was published May 19, 2023
A certificate validation vulnerability exists in the Baiying Android application which could lead... High Unreviewed
CVE-2022-48186 was published May 1, 2023
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. High Unreviewed
CVE-2023-31484 was published Apr 29, 2023
An improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2... High Unreviewed
CVE-2023-22642 was published Apr 11, 2023
A user with a compromised configuration can start an unsigned binary as a service. High Unreviewed
CVE-2023-28093 was published Apr 10, 2023
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded... High Unreviewed
CVE-2022-27644 was published Mar 29, 2023
In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of... High Unreviewed
CVE-2023-20963 was published Mar 24, 2023
A security vulnerability has been identified in all supported versions of OpenSSL related to the... High Unreviewed
CVE-2023-0464 was published Mar 22, 2023
Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on... High Unreviewed
CVE-2022-4895 was published Feb 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database