Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,328
Maven
5,000+
npm
3,965
NuGet
712
pip
3,745
Pub
12
RubyGems
921
Rust
974
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

846 advisories

Loading
Lack of TLS certificate verification in log transmission of a financial module within LINE Client... Critical Unreviewed
CVE-2023-5554 was published Oct 12, 2023
In JetBrains Ktor before 2.3.5 server certificates were not verified Critical Unreviewed
CVE-2023-45613 was published Oct 9, 2023
A certificate validation issue was addressed. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS... Moderate Unreviewed
CVE-2023-41991 was published Sep 21, 2023
MiniTool Power Data Recovery 11.5 contains an insecure in-app payment system that allows... Moderate Unreviewed
CVE-2023-38353 was published Sep 19, 2023
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers... High Unreviewed
CVE-2023-38356 was published Sep 19, 2023
MiniTool Movie Maker 4.1 contains an insecure installation process that allows attackers to... High Unreviewed
CVE-2023-38354 was published Sep 19, 2023
MiniTool Movie Maker 6.1.0 contains an insecure installation process that allows attackers to... High Unreviewed
CVE-2023-38355 was published Sep 19, 2023
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers... High Unreviewed
CVE-2023-38351 was published Sep 19, 2023
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to... High Unreviewed
CVE-2023-38352 was published Sep 19, 2023
An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent... High Unreviewed
CVE-2023-4801 was published Sep 13, 2023
Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying... Moderate Unreviewed
CVE-2023-35845 was published Sep 11, 2023
Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker... High Unreviewed
CVE-2023-30729 was published Sep 6, 2023
Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14... Moderate Unreviewed
CVE-2023-41180 was published Sep 3, 2023
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6... Moderate Unreviewed
CVE-2022-22305 was published Sep 1, 2023
If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of... High Unreviewed
CVE-2023-1409 was published Aug 23, 2023
In multiple locations, there are root CA certificates which need to be disabled. This could lead... High Unreviewed
CVE-2023-21265 was published Aug 14, 2023
A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed... Critical Unreviewed
CVE-2023-40256 was published Aug 11, 2023
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on... High Unreviewed
CVE-2023-34143 was published Jul 18, 2023
If a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension)... High Unreviewed
CVE-2023-3724 was published Jul 18, 2023
Mattermost iOS app fails to properly validate the server certificate while initializing the TLS... High Unreviewed
CVE-2023-3615 was published Jul 17, 2023
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper... High Unreviewed
CVE-2023-31190 was published Jul 11, 2023
An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows... Moderate Unreviewed
CVE-2023-24461 was published Jul 6, 2023
Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual... High Unreviewed
CVE-2021-21548 was published Jul 6, 2023
A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software... High Unreviewed
CVE-2022-32748 was published Jul 6, 2023
A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32... High Unreviewed
CVE-2023-23546 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database