GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
274 advisories
Filter by severity
The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024...
High
Unreviewed
CVE-2024-43201
was published
Sep 23, 2024
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS...
High
Unreviewed
CVE-2024-8287
was published
Sep 18, 2024
An improper certificate validation vulnerability in TLS certificate validation allows an attacker...
High
Unreviewed
CVE-2024-40714
was published
Sep 7, 2024
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an...
High
Unreviewed
CVE-2024-41996
was published
Aug 26, 2024
A flaw was found in the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an...
High
Unreviewed
CVE-2024-8007
was published
Aug 21, 2024
Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and...
High
Unreviewed
CVE-2024-7570
was published
Aug 13, 2024
Certificate Validation user interface in LibreOffice allows potential vulnerability.
Signed...
High
Unreviewed
CVE-2024-6472
was published
Aug 5, 2024
The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the...
High
Unreviewed
CVE-2024-28872
was published
Jul 11, 2024
An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3...
High
Unreviewed
CVE-2023-50178
was published
Jul 9, 2024
A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message
queueing mechanism...
High
Unreviewed
CVE-2024-28021
was published
Jun 11, 2024
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate...
High
Unreviewed
CVE-2024-35140
was published
May 31, 2024
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on...
High
Unreviewed
CVE-2022-32509
was published
May 14, 2024
NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution...
High
Unreviewed
CVE-2023-35721
was published
May 3, 2024
A vulnerability classified as critical has been found in cym1102 nginxWebUI up to 3.9.9. This...
High
Unreviewed
CVE-2024-3738
was published
Apr 13, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to...
High
Unreviewed
CVE-2024-31871
was published
Apr 10, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to...
High
Unreviewed
CVE-2024-31872
was published
Apr 10, 2024
PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability....
High
Unreviewed
CVE-2024-27323
was published
Apr 2, 2024
Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer...
High
Unreviewed
CVE-2024-1351
was published
Mar 7, 2024
In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted...
High
Unreviewed
CVE-2023-40104
was published
Feb 16, 2024
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can...
High
Unreviewed
CVE-2024-25642
was published
Feb 13, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an...
High
Unreviewed
CVE-2023-32330
was published
Feb 7, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a...
High
Unreviewed
CVE-2023-43017
was published
Feb 7, 2024
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,...
High
Unreviewed
CVE-2020-29504
was published
Feb 2, 2024
A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local...
High
Unreviewed
CVE-2023-6043
was published
Jan 19, 2024
Improper validation of the server’s certificate chain in secure traffic scanning feature...
High
Unreviewed
CVE-2023-5594
was published
Dec 21, 2023
ProTip!
Advisories are also available from the
GraphQL API