GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,361
Erlang: 33
GitHub Actions: 22
Go: 2,127
Maven: 5,000+
npm: 3,794
NuGet: 685
pip: 3,473
Pub: 12
RubyGems: 895
Rust: 894
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
299 advisories
A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an...
High | Unreviewed | CVE-2022-20860 was published Jul 22, 2022
IBM QRadar SIEM 7.3, 7.4, and 7.5 does not perform proper certificate validation for some inter...
High | Unreviewed | CVE-2021-29755 was published Jul 21, 2022
In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not...
High | Unreviewed | CVE-2020-16093 was published Jul 19, 2022
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform...
High | Unreviewed | CVE-2022-32152 was published Jun 16, 2022
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform...
High | Unreviewed | CVE-2022-32153 was published Jun 16, 2022
Multiple vulnerabilities vulnerability in Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service...
High | Unreviewed | CVE-2022-26493 was published Jun 4, 2022
libcurl would reuse a previously created connection even when a TLS or SSH related option had been...
High | Unreviewed | CVE-2022-27782 was published Jun 3, 2022
Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain an Improper Certificate...
High | Unreviewed | CVE-2020-26184 was published Jun 2, 2022
When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can...
High | Unreviewed | CVE-2021-3935 was published May 24, 2022
Improper validation of the cloud certificate chain in Mobile Connect allows man-in-the-middle...
High | Unreviewed | CVE-2021-23162 was published May 24, 2022
FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate...
High | Unreviewed | CVE-2021-43114 was published May 24, 2022
IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7) component has...
High | Unreviewed | CVE-2021-29737 was published May 24, 2022
The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate...
High | Unreviewed | CVE-2021-20833 was published May 24, 2022
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting...
High | Unreviewed | CVE-2021-25634 was published May 24, 2022
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting...
High | Unreviewed | CVE-2021-25633 was published May 24, 2022
The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO...
High | Unreviewed | CVE-2021-35497 was published May 24, 2022
IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to...
High | Unreviewed | CVE-2021-38864 was published May 24, 2022
The mechanism which performs certificate validation was discovered to have a flaw that resulted...
High | Unreviewed | CVE-2021-27018 was published May 24, 2022
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS)....
High | Unreviewed | CVE-2020-36478 was published May 24, 2022
Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5...
High | Unreviewed | CVE-2021-32581 was published May 24, 2022
libcurl-using applications can ask for a specific client certificate to be used in a transfer....
High | Unreviewed | CVE-2021-22926 was published May 24, 2022
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate...
High | Unreviewed | CVE-2021-35193 was published May 24, 2022
Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an...
High | Unreviewed | CVE-2020-12681 was published May 24, 2022
Due to the Asset Explorer agent not validating HTTPS certificates, an attacker on the network can...
High | Unreviewed | CVE-2021-20109 was published May 24, 2022
A vulnerability has been identified in SINUMERIK Analyse MyCondition (All versions), SINUMERIK...
High | Unreviewed | CVE-2021-31892 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.