Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

62 advisories

Loading
An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP... Critical Unreviewed
CVE-2019-20461 was published Nov 7, 2024
An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables... Critical Unreviewed
CVE-2024-45159 was published Sep 5, 2024
There is a vulnerability in the AP Certificate Management Service which could allow a threat... Critical Unreviewed
CVE-2024-42395 was published Aug 6, 2024
In gnss service, there is a possible escalation of privilege due to improper certificate... Critical Unreviewed
CVE-2024-20080 was published Jul 1, 2024
A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under... Critical Unreviewed
CVE-2024-25140 was published Feb 6, 2024
SSL connections to NOVELL and Synology LDAP server are vulnerable to a man-in-the-middle attack... Critical Unreviewed
CVE-2023-50356 was published Jan 31, 2024
An issue in Turing Video Turing Edge+ EVC5FD v.1.38.6 allows remote attacker to execute arbitrary... Critical Unreviewed
CVE-2023-42425 was published Oct 31, 2023
The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for... Critical Unreviewed
CVE-2023-5422 was published Oct 16, 2023
Lack of TLS certificate verification in log transmission of a financial module within LINE Client... Critical Unreviewed
CVE-2023-5554 was published Oct 12, 2023
In JetBrains Ktor before 2.3.5 server certificates were not verified Critical Unreviewed
CVE-2023-45613 was published Oct 9, 2023
A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed... Critical Unreviewed
CVE-2023-40256 was published Aug 11, 2023
Nanoleaf firmware v7.1.1 and below is missing an SSL certificate, allowing attackers to execute... Critical Unreviewed
CVE-2022-47758 was published Apr 27, 2023
x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows... Critical Unreviewed
CVE-2021-46880 was published Apr 15, 2023
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable... Critical Unreviewed
CVE-2023-26463 was published Apr 15, 2023
ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation. Critical Unreviewed
CVE-2022-45597 was published Mar 25, 2023
Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up... Critical Unreviewed
CVE-2022-31733 was published Feb 3, 2023
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation... Critical Unreviewed
CVE-2022-45100 was published Feb 1, 2023
A certificate validation issue existed in the handling of WKWebView. This issue was addressed... Critical Unreviewed
CVE-2022-42813 was published Nov 2, 2022
An issue was discovered in Keyfactor PrimeKey EJBCA before 7.9.0, related to possible... Critical Unreviewed
CVE-2022-34831 was published Sep 15, 2022
When using Ingest Actions to configure a destination that resides on Amazon Simple Storage... Critical Unreviewed
CVE-2022-37437 was published Aug 17, 2022
In BIG-IP Versions 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x,... Critical Unreviewed
CVE-2022-34865 was published Aug 5, 2022
An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a... Critical Unreviewed
CVE-2022-26305 was published Jul 26, 2022
A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL:... Critical Unreviewed
CVE-2014-8164 was published Jul 7, 2022
The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not... Critical Unreviewed
CVE-2022-32151 was published Jun 16, 2022
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line... Critical Unreviewed
CVE-2022-32156 was published Jun 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database