GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
272 advisories
When Security Assertion Markup Language (SAML) authentication is enabled, Juniper Networks Mist...
High · Unreviewed · CVE-2020-1675 was published May 24, 2022

In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle...
High · Unreviewed · CVE-2020-26117 was published May 24, 2022

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 ...
High · Unreviewed · CVE-2020-15604 was published May 24, 2022

In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5...
High · Unreviewed · CVE-2020-5913 was published May 24, 2022

** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14...
High · Unreviewed · CVE-2020-16164 was published May 24, 2022

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third...
High · Unreviewed · CVE-2020-15719 was published May 24, 2022

A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler...
High · Unreviewed · CVE-2020-1113 was published May 24, 2022

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a...
High · Unreviewed · CVE-2015-0294 was published May 24, 2022

The NTV News24 prior to Ver.3.0.0 does not verify X.509 certificates from SSL servers, which...
High · Unreviewed · CVE-2019-6032 was published May 24, 2022

A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could...
High · Unreviewed · CVE-2019-16209 was published May 24, 2022

A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager...
High · Unreviewed · CVE-2019-14823 was published May 24, 2022

An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id)...
High · Unreviewed · CVE-2019-0054 was published May 24, 2022

The Twitter Kit framework through 3.4.2 for iOS does not properly validate the api.twitter.com...
High · Unreviewed · CVE-2019-16263 was published May 24, 2022

An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for...
High · Unreviewed · CVE-2019-15042 was published May 24, 2022

An issue was discovered in Couchbase Server 5.0.0. When creating a new remote cluster reference...
High · Unreviewed · CVE-2019-11497 was published May 24, 2022

IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
High · Unreviewed · CVE-2016-10937 was published May 24, 2022

Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0, 2.1, and 3.0 contain a...
High · Unreviewed · CVE-2019-3751 was published May 24, 2022

There is Missing SSL Certificate Validation in the pw3270 terminal emulator before version 5.1.
High · Unreviewed · CVE-2019-15525 was published May 24, 2022

The mAadhaar application 1.2.7 for Android lacks SSL Certificate Validation, leading to man-in...
High · Unreviewed · CVE-2019-14516 was published May 24, 2022

It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An...
High · Unreviewed · CVE-2019-3890 was published May 24, 2022

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and...
High · Unreviewed · CVE-2019-1006 was published May 24, 2022

A man-in-the-middle vulnerability related to vCenter access was found in Cohesity DataPlatform...
High · Unreviewed · CVE-2019-11242 was published May 24, 2022

The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509...
High · Unreviewed · CVE-2019-5961 was published May 24, 2022

Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG...
High · Unreviewed · CVE-2019-13050 was published May 24, 2022

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its...
High · Unreviewed · CVE-2019-7229 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.