GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
848 advisories
A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software...
High
Unreviewed
CVE-2022-32748
was published
Jul 6, 2023
A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32...
High
Unreviewed
CVE-2023-23546
was published
Jul 6, 2023
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability...
Low
Unreviewed
CVE-2023-32464
was published
Jun 23, 2023
The error page for sites with invalid TLS certificates was missing the activation-delay Firefox...
Low
Unreviewed
CVE-2023-34414
was published
Jun 19, 2023
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and...
High
Unreviewed
CVE-2023-30222
was published
Jun 16, 2023
Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku...
Moderate
Unreviewed
CVE-2023-29501
was published
Jun 13, 2023
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all...
Moderate
Unreviewed
CVE-2023-29175
was published
Jun 13, 2023
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6...
Moderate
Unreviewed
CVE-2023-34410
was published
Jun 5, 2023
Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed...
Moderate
Unreviewed
CVE-2023-0430
was published
Jun 2, 2023
OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted...
Moderate
Unreviewed
CVE-2023-0547
was published
Jun 2, 2023
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability...
Moderate
Unreviewed
CVE-2023-24568
was published
May 30, 2023
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports...
Moderate
Unreviewed
CVE-2023-28321
was published
May 26, 2023
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator...
High
Unreviewed
CVE-2023-20881
was published
May 19, 2023
Sensitive information disclosure and manipulation due to improper certification validation. The...
Moderate
Unreviewed
CVE-2022-45457
was published
May 18, 2023
Sensitive information disclosure and manipulation due to improper certification validation. The...
Moderate
Unreviewed
CVE-2022-45458
was published
May 18, 2023
An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration...
Critical
Unreviewed
CVE-2023-27823
was published
May 12, 2023
An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories...
Moderate
Unreviewed
CVE-2023-31151
was published
May 10, 2023
Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01...
Moderate
Unreviewed
CVE-2023-23901
was published
May 10, 2023
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty...
Moderate
Unreviewed
CVE-2022-39161
was published
May 3, 2023
OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password...
Critical
Unreviewed
CVE-2022-35898
was published
May 1, 2023
A certificate validation vulnerability exists in the Baiying Android application which could lead...
High
Unreviewed
CVE-2022-48186
was published
May 1, 2023
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.
High
Unreviewed
CVE-2023-31484
was published
Apr 29, 2023
GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server,...
Moderate
Unreviewed
CVE-2023-31485
was published
Apr 29, 2023
HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an...
Unknown
Unreviewed
CVE-2023-31486
was published
Apr 29, 2023
Nanoleaf firmware v7.1.1 and below is missing an SSL certificate, allowing attackers to execute...
Critical
Unreviewed
CVE-2022-47758
was published
Apr 27, 2023
ProTip! Advisories are also available from the GraphQL API.