GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
961 advisories
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper...
High
Unreviewed
CVE-2023-31190 was published Jul 11, 2023
An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows...
Moderate
Unreviewed
CVE-2023-24461 was published Jul 6, 2023
Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual...
High
Unreviewed
CVE-2021-21548 was published Jul 6, 2023
A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software...
High
Unreviewed
CVE-2022-32748 was published Jul 6, 2023
A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32...
High
Unreviewed
CVE-2023-23546 was published Jul 6, 2023
Bouncy Castle For Java LDAP injection vulnerability
Moderate
CVE-2023-33201 was published for org.bouncycastle:bcprov-debug-jdk14 (Maven) Jul 5, 2023
Keycloak vulnerable to Improper Client Certificate Validation for OAuth/OpenID clients
High
CVE-2023-2422 was published for org.keycloak:keycloak-services (Maven) Jun 30, 2023
Keycloak Untrusted Certificate Validation vulnerability
Moderate
CVE-2023-1664 was published for org.keycloak:keycloak-core (Maven) Jun 30, 2023
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability...
Low
Unreviewed
CVE-2023-32464 was published Jun 23, 2023
The error page for sites with invalid TLS certificates was missing the activation-delay Firefox...
Low
Unreviewed
CVE-2023-34414 was published Jun 19, 2023
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and...
High
Unreviewed
CVE-2023-30222 was published Jun 16, 2023
SSL/TLS certificate validation disabled by default in Jenkins Checkmarx Plugin
High
CVE-2023-35142 was published for com.checkmarx.jenkins:checkmarx (Maven) Jun 14, 2023
Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku...
Moderate
Unreviewed
CVE-2023-29501 was published Jun 13, 2023
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all...
Moderate
Unreviewed
CVE-2023-29175 was published Jun 13, 2023
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6...
Moderate
Unreviewed
CVE-2023-34410 was published Jun 5, 2023
Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed...
Moderate
Unreviewed
CVE-2023-0430 was published Jun 2, 2023
OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted...
Moderate
Unreviewed
CVE-2023-0547 was published Jun 2, 2023
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability...
Moderate
Unreviewed
CVE-2023-24568 was published May 30, 2023
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports...
Moderate
Unreviewed
CVE-2023-28321 was published May 26, 2023
Duplicate Advisory: Keycloak vulnerable to untrusted certificate validation
Moderate
GHSA-c892-cwq6-qrqf was published for org.keycloak:keycloak-core (Maven) May 26, 2023 • withdrawn
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator...
High
Unreviewed
CVE-2023-20881 was published May 19, 2023
Sensitive information disclosure and manipulation due to improper certification validation. The...
Moderate
Unreviewed
CVE-2022-45457 was published May 18, 2023
Sensitive information disclosure and manipulation due to improper certification validation. The...
Moderate
Unreviewed
CVE-2022-45458 was published May 18, 2023
Jenkins SAML Single Sign On(SSO) Plugin unconditionally disables SSL/TLS certificate validation
Moderate
CVE-2023-32994 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023
in-toto: PGP trust model not (fully) considered
Moderate
GHSA-jjgp-whrp-gq8m was published for in-toto (pip) May 11, 2023