GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,470

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

272 advisories

Filter by severity

Sort by

Least recently updated

An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and... High Unreviewed

CVE-2023-30222 was published Jun 16, 2023

Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator... High Unreviewed

CVE-2023-20881 was published May 19, 2023

A certificate validation vulnerability exists in the Baiying Android application which could lead... High Unreviewed

CVE-2022-48186 was published May 1, 2023

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. High Unreviewed

CVE-2023-31484 was published Apr 29, 2023

An improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2... High Unreviewed

CVE-2023-22642 was published Apr 11, 2023

A user with a compromised configuration can start an unsigned binary as a service. High Unreviewed

CVE-2023-28093 was published Apr 10, 2023

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded... High Unreviewed

CVE-2022-27644 was published Mar 29, 2023

In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of... High Unreviewed

CVE-2023-20963 was published Mar 24, 2023

A security vulnerability has been identified in all supported versions of OpenSSL related to the... High Unreviewed

CVE-2023-0464 was published Mar 22, 2023

Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on... High Unreviewed

CVE-2022-4895 was published Feb 28, 2023

An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0... High Unreviewed

CVE-2022-39948 was published Feb 16, 2023

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a... High Unreviewed

CVE-2022-27890 was published Feb 16, 2023

In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by... High Unreviewed

CVE-2020-36659 was published Jan 27, 2023

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default... High Unreviewed

CVE-2020-36658 was published Jan 27, 2023

Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for... High Unreviewed

CVE-2023-23690 was published Jan 19, 2023

Information disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for... High Unreviewed

CVE-2022-42979 was published Jan 6, 2023

When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should... High Unreviewed

CVE-2022-34469 was published Dec 22, 2022

A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an... High Unreviewed

CVE-2022-20960 was published Nov 4, 2022

An improper certification validation vulnerability in Trend Micro Apex One agents could allow a... High Unreviewed

CVE-2022-41747 was published Oct 11, 2022

A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). The... High Unreviewed

CVE-2022-40147 was published Oct 11, 2022

FreshService macOS Agent < 4.4.0 and FreshServce Linux Agent < 3.4.0 are vulnerable to TLS Man-in... High Unreviewed

CVE-2022-36173 was published Sep 13, 2022

Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to... High Unreviewed

CVE-2021-43766 was published Aug 26, 2022

When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not... High Unreviewed

CVE-2022-1805 was published Jul 29, 2022

A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an... High Unreviewed

CVE-2022-20860 was published Jul 22, 2022

IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter... High Unreviewed

CVE-2021-29755 was published Jul 21, 2022

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

272 advisories