GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,416

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

486 advisories

Filter by severity

Sort by

Least recently updated

HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable. Moderate Unreviewed

CVE-2024-30149 was published Oct 31, 2024

IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the... Moderate Unreviewed

CVE-2024-43177 was published Oct 22, 2024

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper... Moderate Unreviewed

CVE-2024-47241 was published Oct 18, 2024

An issue was discovered in Samsung eMMC with KLMAG2GE4A and KLM8G1WEMB firmware. Code bypass... Moderate Unreviewed

CVE-2024-31955 was published Oct 15, 2024

A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard Orchestrator (NDO) could... Moderate Unreviewed

CVE-2024-20385 was published Oct 2, 2024

In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered. Moderate Unreviewed

CVE-2024-9160 was published Sep 27, 2024

Improper Certificate Validation in Checkmk Exchange plugin MikroTik allows attackers in MitM... Moderate Unreviewed

CVE-2024-38861 was published Sep 27, 2024

The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially... Moderate Unreviewed

CVE-2024-30134 was published Sep 26, 2024

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server... Moderate Unreviewed

CVE-2024-38324 was published Sep 25, 2024

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP... Moderate Unreviewed

CVE-2024-8096 was published Sep 11, 2024

AAn improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7... Moderate Unreviewed

CVE-2024-31489 was published Sep 10, 2024

An improper certificate validation vulnerability [CWE-295] in FortiClientWindows 6.4 all versions... Moderate Unreviewed

CVE-2022-45856 was published Sep 10, 2024

Httpful is Missing Certificate Validation Moderate

GHSA-gcfg-hmwx-wq5h was published for nategood/httpful (Composer) Sep 9, 2024

QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate... Moderate Unreviewed

CVE-2024-39771 was published Aug 28, 2024

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with... Moderate Unreviewed

CVE-2023-50314 was published Aug 14, 2024

IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network... Moderate Unreviewed

CVE-2023-50315 was published Aug 14, 2024

A flaw was found in libnbd. The client did not always correctly verify the NBD server's... Moderate Unreviewed

CVE-2024-7383 was published Aug 5, 2024

Under certain circumstances the exacqVision Server will not properly validate TLS certificates... Moderate Unreviewed

CVE-2024-32865 was published Aug 2, 2024

casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification Moderate

CVE-2024-41264 was published for github.com/casdoor/casdoor (Go) Aug 1, 2024

An issue in S3Browser v.11.4.5 and v.10.9.9 and fixed in v.11.5.7 allows a remote attacker to... Moderate Unreviewed

CVE-2024-37865 was published Jul 9, 2024

A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to... Moderate Unreviewed

CVE-2024-28067 was published Jul 9, 2024

An improper certificate validation vulnerability [CWE-295] in FortiWeb 7.2.0 through 7.2.1, 7.0... Moderate Unreviewed

CVE-2024-33509 was published Jul 9, 2024

An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2 all versions, 7... Moderate Unreviewed

CVE-2023-50179 was published Jul 9, 2024

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is... Moderate Unreviewed

CVE-2024-25053 was published Jun 29, 2024

In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper... Moderate Unreviewed

CVE-2024-35299 was published May 16, 2024

Previous 1 2 3 4 5 … 19 20 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

486 advisories