GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,099 advisories
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a...
High | Unreviewed | CVE-2015-0294 was published May 24, 2022
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c...
Critical | Unreviewed | CVE-2020-7043 was published May 24, 2022
In MailStore Outlook Add-in (and Email Archive Outlook Add-in) through 12.1.2, the login process...
Moderate | Unreviewed | CVE-2020-11806 was published May 24, 2022
A missing secure communication definition and an incomplete TLS validation in the upgrade service...
Moderate | Unreviewed | CVE-2019-19101 was published May 24, 2022
A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler...
High | Unreviewed | CVE-2020-1113 was published May 24, 2022
The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification.
Moderate | Unreviewed | CVE-2020-13616 was published May 24, 2022
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP...
Moderate | Unreviewed | CVE-2020-24661 was published May 24, 2022
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not...
High | Unreviewed | CVE-2018-5408 was published May 24, 2022
jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509...
Moderate | Unreviewed | CVE-2021-3285 was published May 24, 2022
An improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2...
High | Unreviewed | CVE-2023-22642 was published Apr 11, 2023
An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2...
Moderate | Unreviewed | CVE-2022-48437 was published Apr 12, 2023
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable...
Critical | Unreviewed | CVE-2023-26463 was published Apr 15, 2023
x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows...
Critical | Unreviewed | CVE-2021-46880 was published Apr 15, 2023
Nanoleaf firmware v7.1.1 and below is missing an SSL certificate, allowing attackers to execute...
Critical | Unreviewed | CVE-2022-47758 was published Apr 27, 2023
GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server,...
Moderate | Unreviewed | CVE-2023-31485 was published Apr 29, 2023
A certificate validation vulnerability exists in the Baiying Android application which could lead...
High | Unreviewed | CVE-2022-48186 was published May 1, 2023
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty...
Moderate | Unreviewed | CVE-2022-39161 was published May 3, 2023
An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories...
Moderate | Unreviewed | CVE-2023-31151 was published May 10, 2023
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability...
Moderate | Unreviewed | CVE-2023-24568 was published May 30, 2023
Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed...
Moderate | Unreviewed | CVE-2023-0430 was published Jun 2, 2023
OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted...
Moderate | Unreviewed | CVE-2023-0547 was published Jun 2, 2023
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6...
Moderate | Unreviewed | CVE-2023-34410 was published Jun 5, 2023
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all...
Moderate | Unreviewed | CVE-2023-29175 was published Jun 13, 2023
Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku...
Moderate | Unreviewed | CVE-2023-29501 was published Jun 13, 2023
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability...
Low | Unreviewed | CVE-2023-32464 was published Jun 23, 2023