Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,097 advisories

Loading
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6... Moderate Unreviewed
CVE-2009-2409 was published May 2, 2022
Selfwealth iOS mobile App 3.3.1 is vulnerable to Insecure App Transport Security (ATS) Settings. High Unreviewed
CVE-2023-23131 was published Feb 1, 2023
TP-Link Tether versions prior to 4.5.13 and TP-Link Tapo versions prior to 3.3.6 do not properly... Moderate Unreviewed
CVE-2024-31340 was published May 22, 2024
A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The... Moderate Unreviewed
CVE-2025-30000 was published Apr 8, 2025
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2... Moderate Unreviewed
CVE-2008-4989 was published May 14, 2022
Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes... Moderate Unreviewed
CVE-2009-3046 was published May 2, 2022
Information disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for... High Unreviewed
CVE-2022-42979 was published Jan 6, 2023
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and... Moderate Unreviewed
CVE-2015-3152 was published May 14, 2022
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and... High Unreviewed
CVE-2015-8960 was published May 14, 2022
If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS... Moderate Unreviewed
CVE-2022-45419 was published Dec 22, 2022
HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling... Low Unreviewed
CVE-2024-42193 was published Apr 15, 2025
When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should... High Unreviewed
CVE-2022-34469 was published Dec 22, 2022
When displaying the sender of an email, and the sender name contained the Braille Pattern Blank... Moderate Unreviewed
CVE-2022-1834 was published Dec 22, 2022
After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the... Moderate Unreviewed
CVE-2022-22747 was published Dec 22, 2022
When importing a revoked key that specified key compromise as the revocation reason, Thunderbird... Moderate Unreviewed
CVE-2022-1197 was published Dec 22, 2022
Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An... Low Unreviewed
CVE-2025-26478 was published Apr 17, 2025
The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint... Moderate Unreviewed
CVE-2016-9892 was published May 17, 2022
The Banco de Costa Rica BCR Movil app 3.7 for iOS does not verify X.509 certificates from SSL... Moderate Unreviewed
CVE-2017-5918 was published May 17, 2022
Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS... Moderate Unreviewed
CVE-2017-8058 was published May 17, 2022
The America's First Federal Credit Union (FCU) Mobile Banking app 3.1.0 for iOS does not verify X... Moderate Unreviewed
CVE-2017-5916 was published May 17, 2022
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code... High Unreviewed
CVE-2017-2784 was published May 13, 2022
DMMFX Trade for Android 1.5.0 and earlier, DMMFX DEMO Trade for Android 1.5.0 and earlier, and... Moderate Unreviewed
CVE-2016-4818 was published May 17, 2022
Akerun - Smart Lock Robot App for iOS before 1.2.4 does not verify SSL certificates. High Unreviewed
CVE-2016-1148 was published May 13, 2022
The Quest Information Systems Indiana Voters app 1.1.24 for iOS does not verify X.509... Moderate Unreviewed
CVE-2017-8935 was published May 13, 2022
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core)... High Unreviewed
CVE-2017-3563 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database