Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

924 advisories

Loading
Improper Certificate Validation in Graylog High
CVE-2020-15813 was published for org.graylog:graylog-parent (Maven) Feb 10, 2022
Apache Geode SSL endpoint verification vulnerability High
CVE-2019-10091 was published for org.apache.geode:geode-core (Maven) Feb 10, 2022
A misconfiguration exists in the MQTTS functionality of Sealevel Systems, Inc. SeaConnect 370W v1... High Unreviewed
CVE-2021-21959 was published Feb 10, 2022
Improper Certificate Validation in node-sass Moderate
CVE-2020-24025 was published for node-sass (npm) Feb 9, 2022
tdunlap607
Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Keycloak Moderate
CVE-2020-1758 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker... High Unreviewed
CVE-2022-22156 was published Jan 20, 2022
Windows Certificate Spoofing Vulnerability. High Unreviewed
CVE-2022-21836 was published Jan 12, 2022
Improper Certificate Validation in Apache IoTDB High
CVE-2020-1952 was published for org.apache.iotdb:iotdb-parent (Maven) Jan 6, 2022
e2guardian v5.4.x <= v5.4.3r is affected by missing SSL certificate validation in the SSL MITM... High Unreviewed
CVE-2021-44273 was published Dec 24, 2021
Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Apache Sling Commons Messaging Mail High
CVE-2021-44549 was published for org.apache.sling:org.apache.sling.commons.messaging.mail (Maven) Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-43882 was published Dec 16, 2021
A vulnerability has been identified in SINUMERIK Edge (All versions < V3.2). The affected... High Unreviewed
CVE-2021-42027 was published Dec 15, 2021
The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connection to an IBM Spectrum... Moderate Unreviewed
CVE-2020-4496 was published Dec 14, 2021
Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in update_applet.php, which could... Moderate Unreviewed
CVE-2021-31747 was published Dec 11, 2021
Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in... High Unreviewed
CVE-2021-34599 was published Dec 2, 2021
Improper certificate management in AWS IoT Device SDK v2 Moderate
CVE-2021-40830 was published for aws-iot-device-sdk-v2 (Maven) Nov 24, 2021
Improper certificate management in AWS IoT Device SDK v2 Moderate
CVE-2021-40829 was published for aws-iot-device-sdk-v2 (Maven) Nov 24, 2021
Improper certificate management in AWS IoT Device SDK v2 Moderate
CVE-2021-40828 was published for aws-iot-device-sdk-v2 (Maven) Nov 24, 2021
Improper certificate management in AWS IoT Device SDK v2 Moderate
CVE-2021-40831 was published for aws-iot-device-sdk-v2 (Maven) Nov 24, 2021
Improper Certificate Validation in OPCFoundation.NetStandard.Opc.Ua.Core Moderate
CVE-2020-29457 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Nov 19, 2021
mregen
Improper validation of the cloud certificate chain in Mobile Client allows man-in-the-middle... Moderate Unreviewed
CVE-2021-23155 was published Nov 19, 2021
Improper Certificate Validation in Heartland & Global Payments PHP SDK Moderate
CVE-2019-20455 was published for globalpayments/php-sdk (Composer) Oct 12, 2021
HashiCorp Consul Privilege Escalation Vulnerability High
CVE-2021-37219 was published for github.com/hashicorp/consul (Go) Sep 8, 2021
tdunlap607
Privilege escalation in Hashicorp Nomad High
CVE-2021-37218 was published for github.com/hashicorp/nomad (Go) Sep 8, 2021
OctoRPKI lacks contextual out-of-bounds check when validating RPKI ROA maxLength values High
CVE-2021-3761 was published for github.com/cloudflare/cfrpki (Go) Sep 7, 2021
job
ProTip! Advisories are also available from the GraphQL API