Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

845 advisories

Loading
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with... Moderate Unreviewed
CVE-2023-50314 was published Aug 14, 2024
IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network... Moderate Unreviewed
CVE-2023-50315 was published Aug 14, 2024
Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and... High Unreviewed
CVE-2024-7570 was published Aug 13, 2024
Ecosystem Agent version 4 < 4.5.1.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not... Low Unreviewed
CVE-2024-5445 was published Aug 12, 2024
There is a vulnerability in the AP Certificate Management Service which could allow a threat... Critical Unreviewed
CVE-2024-42395 was published Aug 6, 2024
A flaw was found in libnbd. The client did not always correctly verify the NBD server's... Moderate Unreviewed
CVE-2024-7383 was published Aug 5, 2024
Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed... High Unreviewed
CVE-2024-6472 was published Aug 5, 2024
Under certain circumstances the exacqVision Server will not properly validate TLS certificates... Moderate Unreviewed
CVE-2024-32865 was published Aug 2, 2024
An issue was discovered in filestash v0.4. The usage of the ssh.InsecureIgnoreHostKey() disables... Moderate Unreviewed
CVE-2024-41258 was published Jul 31, 2024
An improper validation vulnerability was reported in the Lenovo Tab K10 that could allow a... Low Unreviewed
CVE-2024-4786 was published Jul 26, 2024
The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the... High Unreviewed
CVE-2024-28872 was published Jul 11, 2024
An issue in S3Browser v.11.4.5 and v.10.9.9 and fixed in v.11.5.7 allows a remote attacker to... Moderate Unreviewed
CVE-2024-37865 was published Jul 9, 2024
A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to... Moderate Unreviewed
CVE-2024-28067 was published Jul 9, 2024
An improper certificate validation vulnerability [CWE-295] in FortiWeb 7.2.0 through 7.2.1, 7.0... Moderate Unreviewed
CVE-2024-33509 was published Jul 9, 2024
An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2 all versions, 7... Moderate Unreviewed
CVE-2023-50179 was published Jul 9, 2024
An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3... High Unreviewed
CVE-2023-50178 was published Jul 9, 2024
In gnss service, there is a possible escalation of privilege due to improper certificate... Critical Unreviewed
CVE-2024-20080 was published Jul 1, 2024
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is... Moderate Unreviewed
CVE-2024-25053 was published Jun 29, 2024
Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS... Unknown Unreviewed
CVE-2024-5261 was published Jun 25, 2024
A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism... High Unreviewed
CVE-2024-28021 was published Jun 11, 2024
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate... High Unreviewed
CVE-2024-35140 was published May 31, 2024
TP-Link Tether versions prior to 4.5.13 and TP-Link Tapo versions prior to 3.3.6 do not properly... Moderate Unreviewed
CVE-2024-31340 was published May 22, 2024
In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper... Moderate Unreviewed
CVE-2024-35299 was published May 16, 2024
Windows Cryptographic Services Remote Code Execution Vulnerability High Unreviewed
CVE-2024-30020 was published May 14, 2024
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on... High Unreviewed
CVE-2022-32509 was published May 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database