GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,470

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

390 advisories

Filter by severity

Sort by

Least recently updated

Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all... Moderate Unreviewed

CVE-2019-11674 was published May 24, 2022

It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client... Moderate Unreviewed

CVE-2019-3814 was published May 24, 2022

Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain... Moderate Unreviewed

CVE-2019-5506 was published May 24, 2022

Limesurvey before 3.17.14 does not enforce SSL/TLS usage in the default configuration. Moderate Unreviewed

CVE-2019-16179 was published May 24, 2022

A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an unauthenticated, remote... Moderate Unreviewed

CVE-2019-1948 was published May 24, 2022

The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has a TLS certificate... Moderate Unreviewed

CVE-2019-5280 was published May 24, 2022

In cPanel before 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209). Moderate Unreviewed

CVE-2017-18479 was published May 24, 2022

An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019... Moderate Unreviewed

CVE-2019-14334 was published May 24, 2022

A vulnerability exists where it possible to force Network Security Services (NSS) to sign... Moderate Unreviewed

CVE-2019-11727 was published May 24, 2022

A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network... Moderate Unreviewed

CVE-2019-1940 was published May 24, 2022

Mailvelope prior to 3.3.0 accepts or operates with invalid PGP public keys: Mailvelope allows... Moderate Unreviewed

CVE-2019-9148 was published May 24, 2022

IBM Security Access Manager 9.0.1 through 9.0.6 does not validate, or incorrectly validates, a... Moderate Unreviewed

CVE-2019-4150 was published May 24, 2022

Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper... Moderate Unreviewed

CVE-2019-11550 was published May 24, 2022

A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by... Moderate Unreviewed

CVE-2013-10001 was published May 18, 2022

IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not... Moderate Unreviewed

CVE-2021-29726 was published May 18, 2022

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL... Moderate Unreviewed

CVE-2011-0199 was published May 17, 2022

The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 before 8.2(5.50), 8.4 before 8... Moderate Unreviewed

CVE-2014-3394 was published May 17, 2022

The Chase mobile banking application for Android does not verify that the server hostname matches... Moderate Unreviewed

CVE-2012-5810 was published May 17, 2022

The default configuration of Fortinet Fortigate UTM appliances uses the same Certification... Moderate Unreviewed

CVE-2012-4948 was published May 17, 2022

NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server... Moderate Unreviewed

CVE-2016-7171 was published May 17, 2022

The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint... Moderate Unreviewed

CVE-2016-9892 was published May 17, 2022

There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android... Moderate Unreviewed

CVE-2016-9319 was published May 17, 2022

Google Chrome caches TLS sessions before certificate validation occurs. Moderate Unreviewed

CVE-2013-6662 was published May 17, 2022

Photopt for Android before 2.0.1 does not verify SSL certificates. Moderate Unreviewed

CVE-2016-1198 was published May 17, 2022

Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates. Moderate Unreviewed

CVE-2016-1186 was published May 17, 2022

Previous 1 2 … 5 6 7 8 9 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

390 advisories