GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,868
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,499
Maven 5,933
npm 4,139
NuGet 735
pip 3,945
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,466

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

460 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2 all versions, 7... Moderate Unreviewed

CVE-2023-50179 was published Jul 9, 2024

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is... Moderate Unreviewed

CVE-2024-25053 was published Jun 29, 2024

TP-Link Tether versions prior to 4.5.13 and TP-Link Tapo versions prior to 3.3.6 do not properly... Moderate Unreviewed

CVE-2024-31340 was published May 22, 2024

In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper... Moderate Unreviewed

CVE-2024-35299 was published May 16, 2024

An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may... Moderate Unreviewed

CVE-2024-33612 was published May 8, 2024

In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used... Moderate Unreviewed

CVE-2024-0042 was published May 7, 2024

IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to... Moderate Unreviewed

CVE-2023-50949 was published Apr 11, 2024

libcurl skips the certificate verification for a QUIC connection under certain conditions, when... Moderate Unreviewed

CVE-2024-2379 was published Mar 27, 2024

The Toyoko Inn official App for iOS versions prior to 1.13.0 and Toyoko Inn official App for... Moderate Unreviewed

CVE-2024-27440 was published Mar 13, 2024

This issue was addressed through improved state management. This issue is fixed in Safari 17.4,... Moderate Unreviewed

CVE-2024-23273 was published Mar 8, 2024

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed

CVE-2023-47742 was published Mar 3, 2024

An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2... Moderate Unreviewed

CVE-2023-47537 was published Feb 15, 2024

IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.6 products... Moderate Unreviewed

CVE-2023-47700 was published Feb 7, 2024

curl inadvertently kept the SSL session ID for connections in its cache even when the verify... Moderate Unreviewed

CVE-2024-0853 was published Feb 3, 2024

In Zscaler Internet Access (ZIA) a mismatch between Connect Host and Client Hello's Server Name... Moderate Unreviewed

CVE-2023-28807 was published Jan 31, 2024

SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate.... Moderate Unreviewed

CVE-2023-33760 was published Jan 25, 2024

A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and... Moderate Unreviewed

CVE-2023-33757 was published Jan 25, 2024

Cohesity DataProtect 6.8.1 and 6.6.0d was discovered to have a incorrect access control... Moderate Unreviewed

CVE-2023-33295 was published Jan 19, 2024

An issue was discovered in Zammad before 6.2.0. In several subsystems, SSL/TLS was used to... Moderate Unreviewed

CVE-2023-50454 was published Dec 10, 2023

OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows... Moderate Unreviewed

CVE-2022-3761 was published Oct 17, 2023

IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity... Moderate Unreviewed

CVE-2022-22380 was published Oct 17, 2023

IBM Security Verify Privilege On-Premises 11.5 does not validate, or incorrectly validates, a... Moderate Unreviewed

CVE-2022-43892 was published Oct 17, 2023

A certificate validation issue was addressed. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS... Moderate Unreviewed

CVE-2023-41991 was published Sep 21, 2023

MiniTool Power Data Recovery 11.5 contains an insecure in-app payment system that allows... Moderate Unreviewed

CVE-2023-38353 was published Sep 19, 2023

Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying... Moderate Unreviewed

CVE-2023-35845 was published Sep 11, 2023

Previous 1…4…19 Next

Previous 1 2 3 4 5 6 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

460 advisories