Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,097 advisories

Loading
A flaw was found in libnbd. The client did not always correctly verify the NBD server's... Moderate Unreviewed
CVE-2024-7383 was published Aug 5, 2024
The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially... Moderate Unreviewed
CVE-2024-30134 was published Sep 26, 2024
OpenStack keystonemiddleware and python-keystoneclient vulnerable to man-in-the-middle attacks High
CVE-2015-1852 was published for keystonemiddleware (pip) May 17, 2022
OpenStack keystonemiddleware does not verify certificate High
CVE-2014-7144 was published for keystonemiddleware (pip) May 17, 2022
In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered. Moderate Unreviewed
CVE-2024-9160 was published Sep 27, 2024
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper... High Unreviewed
CVE-2023-31190 was published Jul 11, 2023
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server... Moderate Unreviewed
CVE-2024-38324 was published Sep 25, 2024
A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard Orchestrator (NDO) could... Moderate Unreviewed
CVE-2024-20385 was published Oct 2, 2024
Yelp OSXCollector Improper Certificate Validation High
CVE-2018-10406 was published for osxcollector (pip) May 13, 2022
SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS... High Unreviewed
CVE-2024-7206 was published Oct 8, 2024
ovirt-engine-sdk-python improper validation of hostname in x.509 certificate High
CVE-2014-0161 was published for ovirt-engine-sdk-python (pip) May 17, 2022
Windows Secure Channel Spoofing Vulnerability High Unreviewed
CVE-2024-43550 was published Oct 8, 2024
Rancher agents can be hijacked by taking over the Rancher Server URL High
CVE-2024-22030 was published for github.com/rancher/rancher (Go) Sep 26, 2024
Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper... Moderate Unreviewed
CVE-2024-47241 was published Oct 18, 2024
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality... High Unreviewed
CVE-2023-6057 was published Oct 18, 2024
The host name verification missing in Apache Tomcat High
CVE-2018-8034 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
Salt vulnerable to Improper Certificate Validation High
CVE-2015-4017 was published for salt (pip) May 14, 2022
Restkit Does Not Validate TLS certificates Moderate
CVE-2015-2674 was published for restkit (pip) May 17, 2022
SaltStack Salt Improper SSL Certificate Validation High
CVE-2020-35662 was published for salt (pip) May 24, 2022
Scalyr Agent Missing SSL Certificate Validation Critical
CVE-2020-24714 was published for scalyr-agent-2 (pip) May 24, 2022
Scalyr Agent 2 Missing SSL Certificate Validation Critical
CVE-2020-24715 was published for scalyr-agent-2 (pip) May 24, 2022
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning... High Unreviewed
CVE-2023-49567 was published Oct 18, 2024
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality... High Unreviewed
CVE-2023-6056 was published Oct 18, 2024
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality... High Unreviewed
CVE-2023-49570 was published Oct 18, 2024
A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The... High Unreviewed
CVE-2023-6058 was published Oct 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database