Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

271 advisories

Loading
Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in... High Unreviewed
CVE-2021-34599 was published Dec 2, 2021
A vulnerability has been identified in SINUMERIK Edge (All versions < V3.2). The affected... High Unreviewed
CVE-2021-42027 was published Dec 15, 2021
e2guardian v5.4.x <= v5.4.3r is affected by missing SSL certificate validation in the SSL MITM... High Unreviewed
CVE-2021-44273 was published Dec 24, 2021
Windows Certificate Spoofing Vulnerability. High Unreviewed
CVE-2022-21836 was published Jan 12, 2022
An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker... High Unreviewed
CVE-2022-22156 was published Jan 20, 2022
A misconfiguration exists in the MQTTS functionality of Sealevel Systems, Inc. SeaConnect 370W v1... High Unreviewed
CVE-2021-21959 was published Feb 10, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... High Unreviewed
CVE-2022-20703 was published Feb 11, 2022
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to... High Unreviewed
CVE-2021-44531 was published Feb 25, 2022
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting... High Unreviewed
CVE-2021-25636 was published Feb 25, 2022
A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate... High Unreviewed
CVE-2021-3698 was published Mar 11, 2022
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers... High Unreviewed
CVE-2021-3618 was published Mar 24, 2022
Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated... High Unreviewed
CVE-2022-22549 was published Apr 13, 2022
Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when... High Unreviewed
CVE-2022-27536 was published Apr 21, 2022
nuSOAP before 0.7.3-5 does not properly check the hostname of a cert. High Unreviewed
CVE-2012-6071 was published Apr 23, 2022
vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from... High Unreviewed
CVE-2012-5518 was published Apr 23, 2022
software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS... High Unreviewed
CVE-2012-0955 was published Apr 23, 2022
X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01... High Unreviewed
CVE-2003-1229 was published Apr 29, 2022
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust... High Unreviewed
CVE-2002-0862 was published Apr 30, 2022
OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows... High Unreviewed
CVE-2010-1378 was published May 2, 2022
Active Directory Domain Services Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-26923 was published May 11, 2022
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code... High Unreviewed
CVE-2017-2784 was published May 13, 2022
An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud... High Unreviewed
CVE-2018-4015 was published May 13, 2022
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions... High Unreviewed
CVE-2018-7234 was published May 13, 2022
EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing... High Unreviewed
CVE-2017-4981 was published May 13, 2022
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE... High Unreviewed
CVE-2015-0534 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API