GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
747 advisories
The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the...
High
Unreviewed
CVE-2024-28872
was published
Jul 11, 2024
An issue in S3Browser v.11.4.5 and v.10.9.9 and fixed in v.11.5.7 allows a remote attacker to...
Moderate
Unreviewed
CVE-2024-37865
was published
Jul 9, 2024
An improper certificate validation vulnerability [CWE-295] in FortiWeb 7.2.0 through 7.2.1, 7.0...
Moderate
Unreviewed
CVE-2024-33509
was published
Jul 9, 2024
An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3...
High
Unreviewed
CVE-2023-50178
was published
Jul 9, 2024
An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2 all versions, 7...
Moderate
Unreviewed
CVE-2023-50179
was published
Jul 9, 2024
In gnss service, there is a possible escalation of privilege due to improper certificate...
Critical
Unreviewed
CVE-2024-20080
was published
Jul 1, 2024
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is...
Moderate
Unreviewed
CVE-2024-25053
was published
Jun 29, 2024
Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS...
Unknown
Unreviewed
CVE-2024-5261
was published
Jun 25, 2024
A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism...
High
Unreviewed
CVE-2024-28021
was published
Jun 11, 2024
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate...
High
Unreviewed
CVE-2024-35140
was published
May 31, 2024
In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper...
Moderate
Unreviewed
CVE-2024-35299
was published
May 16, 2024
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on...
High
Unreviewed
CVE-2022-32509
was published
May 14, 2024
An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may...
Moderate
Unreviewed
CVE-2024-33612
was published
May 8, 2024
In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used...
Moderate
Unreviewed
CVE-2024-0042
was published
May 7, 2024
NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution...
High
Unreviewed
CVE-2023-35721
was published
May 3, 2024
A vulnerability was found in Hualai Xiaofang iSC5 3.2.2_112 and classified as problematic....
Low
Unreviewed
CVE-2024-4062
was published
Apr 23, 2024
A vulnerability was found in EZVIZ CS-C6-21WFR-8 5.2.7 Build 170628. It has been classified as...
Low
Unreviewed
CVE-2024-4063
was published
Apr 23, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive...
Low
Unreviewed
CVE-2023-37397
was published
Apr 19, 2024
A vulnerability classified as critical has been found in cym1102 nginxWebUI up to 3.9.9. This...
High
Unreviewed
CVE-2024-3738
was published
Apr 13, 2024
IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to...
Moderate
Unreviewed
CVE-2023-50949
was published
Apr 11, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to...
High
Unreviewed
CVE-2024-31872
was published
Apr 10, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to...
High
Unreviewed
CVE-2024-31871
was published
Apr 10, 2024
PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability....
High
Unreviewed
CVE-2024-27323
was published
Apr 2, 2024
The Toyoko Inn official App for iOS versions prior to 1.13.0 and Toyoko Inn official App for...
Moderate
Unreviewed
CVE-2024-27440
was published
Mar 13, 2024
Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer...
High
Unreviewed
CVE-2024-1351
was published
Mar 7, 2024
ProTip! Advisories are also available from the GraphQL API.