GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
283 advisories
An issue was discovered in Couchbase Server 5.0.0. When creating a new remote cluster reference...
High | Unreviewed | CVE-2019-11497 was published May 24, 2022

IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
High | Unreviewed | CVE-2016-10937 was published May 24, 2022

Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0, 2.1, and 3.0 contain a...
High | Unreviewed | CVE-2019-3751 was published May 24, 2022

There is Missing SSL Certificate Validation in the pw3270 terminal emulator before version 5.1.
High | Unreviewed | CVE-2019-15525 was published May 24, 2022

The mAadhaar application 1.2.7 for Android lacks SSL Certificate Validation, leading to man-in...
High | Unreviewed | CVE-2019-14516 was published May 24, 2022

It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An...
High | Unreviewed | CVE-2019-3890 was published May 24, 2022

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and...
High | Unreviewed | CVE-2019-1006 was published May 24, 2022

A man-in-the-middle vulnerability related to vCenter access was found in Cohesity DataPlatform...
High | Unreviewed | CVE-2019-11242 was published May 24, 2022

The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509...
High | Unreviewed | CVE-2019-5961 was published May 24, 2022

Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG...
High | Unreviewed | CVE-2019-13050 was published May 24, 2022

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its...
High | Unreviewed | CVE-2019-7229 was published May 24, 2022

Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing...
High | Unreviewed | CVE-2018-20135 was published May 24, 2022

The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not...
High | Unreviewed | CVE-2018-5408 was published May 24, 2022

A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches...
High | Unreviewed | CVE-2019-1859 was published May 24, 2022

A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of...
High | Unreviewed | CVE-2019-1590 was published May 24, 2022

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0...
High | Unreviewed | CVE-2022-22787 was published May 19, 2022

duplicity 0.6.24 has improper verification of SSL certificates
High | Unreviewed | CVE-2014-3495 was published May 17, 2022

wolfssl before 3.2.0 does not properly authorize CA certificate for signing other certificates.
High | Unreviewed | CVE-2014-2902 was published May 17, 2022

wolfssl before 3.2.0 does not properly issue certificates for a server's hostname.
High | Unreviewed | CVE-2014-2901 was published May 17, 2022

Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates.
High | Unreviewed | CVE-2016-1132 was published May 17, 2022

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect...
High | Unreviewed | CVE-2017-7192 was published May 17, 2022

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in...
High | Unreviewed | CVE-2017-5887 was published May 17, 2022

Pulp before 2.3.0 uses the same certificate authority key and certificate for all...
High | Unreviewed | CVE-2013-7450 was published May 17, 2022

Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form,...
High | Unreviewed | CVE-2017-8059 was published May 17, 2022

In Lenovo Service Bridge before version 4, a bug found in the signature verification logic of the...
High | Unreviewed | CVE-2016-8231 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.