GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
373 advisories
A man-in-the-middle vulnerability related to vCenter access was found in Rubrik CDM 3.x and 4.x...
High | Unreviewed | CVE-2018-5761 was published May 14, 2022

Huawei AR3200 V200R008C20, V200R008C30, TE40 V600R006C00, TE50 V600R006C00, TE60 V600R006C00 have...
High | Unreviewed | CVE-2017-15341 was published May 14, 2022

VOBOT CLOCK before 0.99.30 devices do not verify X.509 certificates from SSL servers, which...
High | Unreviewed | CVE-2018-6827 was published May 14, 2022

An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could...
High | Unreviewed | CVE-2018-6221 was published May 14, 2022

The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when...
High | Unreviewed | CVE-2016-9952 was published May 14, 2022

The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to...
High | Unreviewed | CVE-2018-8059 was published May 14, 2022

TitanHQ WebTitan Gateway has incorrect certificate validation for the TLS interception feature.
High | Unreviewed | CVE-2017-18227 was published May 14, 2022

On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP...
High | Unreviewed | CVE-2018-5502 was published May 14, 2022

The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2...
High | Unreviewed | CVE-2018-8970 was published May 14, 2022

The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates...
High | Unreviewed | CVE-2018-0553 was published May 14, 2022

An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate...
High | Unreviewed | CVE-2018-10066 was published May 14, 2022

WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man...
High | Unreviewed | CVE-2013-7201 was published May 14, 2022

The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and...
High | Unreviewed | CVE-2015-8960 was published May 14, 2022

Salt vulnerable to Improper Certificate Validation
High | CVE-2015-4017 was published for salt (pip) May 14, 2022

On Darwin, user's trust preferences for root certificates were not honored. If the user had a...
High | Unreviewed | CVE-2017-1000097 was published May 14, 2022

Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a...
High | Unreviewed | CVE-2018-1153 was published May 14, 2022

The ANA App for iOS version 4.0.22 and earlier does not verify X.509 certificates from SSL...
High | Unreviewed | CVE-2018-0611 was published May 14, 2022

The Motorola MBP853 firmware does not correctly validate server certificates. This allows for a...
High | Unreviewed | CVE-2018-12499 was published May 14, 2022

The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates...
High | Unreviewed | CVE-2018-0622 was published May 14, 2022

Jenkins TraceTronic ECU-TEST Plugin Man in the middle vulnerability
High | CVE-2018-1999025 was published for de.tracetronic.jenkins.plugins:ecutest (Maven) May 14, 2022

Jenkins Inedo BuildMaster Plugin globally and unconditionally disabled SSL/TLS certificate validation
High | CVE-2018-1999035 was published for com.inedo.buildmaster:inedo-buildmaster (Maven) May 14, 2022

Jenkins Inedo ProGet Plugin globally and unconditionally disabled SSL/TLS certificate validation
High | CVE-2018-1999034 was published for com.inedo.proget:inedo-proget (Maven) May 14, 2022

OpenFire XMPP Server before 3.10 accepts self-signed certificates, which allows remote attackers...
High | Unreviewed | CVE-2014-3451 was published May 14, 2022

FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of...
High | Unreviewed | CVE-2015-4680 was published May 14, 2022

WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of...
High | Unreviewed | CVE-2018-11712 was published May 14, 2022