Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

988 advisories

Loading
nuSOAP before 0.7.3-5 does not properly check the hostname of a cert. High Unreviewed
CVE-2012-6071 was published Apr 23, 2022
Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08... Moderate Unreviewed
CVE-2021-3898 was published Apr 23, 2022
Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of... Moderate Unreviewed
CVE-2011-2669 was published Apr 22, 2022
dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to... Moderate Unreviewed
CVE-2011-2207 was published Apr 22, 2022
Mercurial Improper Certificate Validation vulnerability Moderate
CVE-2010-4237 was published for mercurial (pip) Apr 21, 2022
A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates... Moderate Unreviewed
CVE-2007-5967 was published Apr 21, 2022
Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when... High Unreviewed
CVE-2022-27536 was published Apr 21, 2022
Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated... High Unreviewed
CVE-2022-22549 was published Apr 13, 2022
Improper Certificate Validation High
CVE-2017-11770 was published for Microsoft.NETCore.App (NuGet) Apr 12, 2022
In ccu, there is a possible escalation of privilege due to a missing certificate validation. This... Moderate Unreviewed
CVE-2022-20071 was published Apr 12, 2022
In A-GPS, there is a possible man in the middle attack due to improper certificate validation.... Moderate Unreviewed
CVE-2022-20081 was published Apr 12, 2022
WeeChat (aka Wee Enhanced Environment for Chat) 3.2 to 3.4 before 3.4.1 does not properly verify... Moderate Unreviewed
CVE-2022-28352 was published Apr 3, 2022
Improper Certificate Validation in node-sass affects eZ Platform Moderate
GHSA-6v6p-g8cg-2hgg was published for ezsystems/ezplatform-admin-ui (Composer) Apr 1, 2022
SSL/TLS certificate validation globally disabled by Jenkins Proxmox Plugin Moderate
CVE-2022-28142 was published for org.jenkins-ci.plugins:proxmox (Maven) Mar 30, 2022
NotMyFault
The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for... Critical Unreviewed
CVE-2021-45490 was published Mar 29, 2022
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3... Moderate Unreviewed
CVE-2022-0123 was published Mar 29, 2022
Improper Certificate Validation in kubeclient High
CVE-2022-0759 was published for kubeclient (RubyGems) Mar 26, 2022
tdunlap607
Improper Certificate Validation in OWASP ZAP Moderate
CVE-2022-27820 was published for org.zaproxy:zap (Maven) Mar 25, 2022
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers... High Unreviewed
CVE-2021-3618 was published Mar 24, 2022
A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate... High Unreviewed
CVE-2021-3698 was published Mar 11, 2022
Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9... Moderate Unreviewed
CVE-2022-21170 was published Mar 11, 2022
"Vault and Vault Enterprise 1.8.0 through 1.8.8, and 1.9.3 allowed the PKI secrets engine under... Moderate Unreviewed
CVE-2022-25243 was published Mar 11, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Moderate Unreviewed
CVE-2021-42017 was published Mar 9, 2022
In spring cloud gateway versions prior to 3.1.1+ , applications that are configured to enable... Moderate Unreviewed
CVE-2022-22946 was published Mar 5, 2022
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting... High Unreviewed
CVE-2021-25636 was published Feb 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database