GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
87 advisories
Filter by severity
Improper Certificate Validation in TweetStream
Moderate
CVE-2020-24393
was published
for
tweetstream
(RubyGems)
Apr 13, 2021
Improper Certificate Validation in Puppet
Moderate
CVE-2020-7942
was published
for
puppet
(RubyGems)
Apr 13, 2021
mongodb-client-encryption vulnerable to Improper Certificate Validation
Moderate
CVE-2021-20327
was published
for
mongodb-client-encryption
(npm)
Apr 12, 2021
Improper Certificate Validation in twitter-stream
Moderate
CVE-2020-24392
was published
for
twitter-stream
(RubyGems)
Mar 29, 2021
Using default SSLContext for HTTPS requests in an HTTPS proxy doesn't verify certificate hostname for proxy connection
Moderate
CVE-2021-28363
was published
for
urllib3
(pip)
Mar 19, 2021
Insecure Defaults Leads to Potential MITM in ezseed-transmission
Moderate
CVE-2016-1000224
was published
for
ezseed-transmission
(npm)
Sep 1, 2020
Data leakage via cache key collision in Django
Moderate
CVE-2020-13254
was published
for
Django
(pip)
Jun 5, 2020
Improper Certificate Validation and Insufficient Verification of Data Authenticity in Keycloak
Moderate
CVE-2019-3875
was published
for
org.keycloak:keycloak-core
(Maven)
Jun 27, 2019
Moderate severity vulnerability that affects com.rabbitmq:amqp-client and org.springframework.amqp:spring-amqp
Moderate
CVE-2018-11087
was published
for
com.rabbitmq:amqp-client
(Maven)
Oct 18, 2018
Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc and Microsoft.AspNetCore.Mvc.Core
Moderate
CVE-2017-0248
was published
for
Microsoft.AspNetCore.Mvc
(NuGet)
Oct 16, 2018
Moderate severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua
Moderate
CVE-2018-12087
was published
for
OPCFoundation.NetStandard.Opc.Ua
(NuGet)
Oct 16, 2018
net-ldap Improper Certificate Validation vulnerability
Moderate
CVE-2017-17718
was published
for
net-ldap
(RubyGems)
Jan 6, 2018
ProTip!
Advisories are also available from the
GraphQL API