GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
959 advisories
Odyssey passes to client unencrypted bytes from man-in-the-middle When Odyssey storage is...
Moderate | Unreviewed | CVE-2021-43767 was published Aug 26, 2022

Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to...
High | Unreviewed | CVE-2021-43766 was published Aug 26, 2022

In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5...
High | Unreviewed | CVE-2020-5913 was published May 24, 2022

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet...
Moderate | Unreviewed | CVE-2020-11580 was published May 24, 2022

Improper Certificate Validation in Microsoft .NET Framework components
Moderate | CVE-2018-8356 was published for System.Private.ServiceModel (NuGet) May 14, 2022

TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and ...
Moderate | Unreviewed | CVE-2020-8172 was published May 24, 2022

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips...
Moderate | Unreviewed | CVE-2020-13645 was published May 24, 2022

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third...
High | Unreviewed | CVE-2020-15719 was published May 24, 2022

OpenSSL has internal defaults for a directory tree where it can find a configuration file as well...
Low | Unreviewed | CVE-2019-1552 was published May 24, 2022

CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an...
Moderate | Unreviewed | CVE-2020-9525 was published May 24, 2022

eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently...
Moderate | Unreviewed | CVE-2020-12618 was published May 24, 2022

nv-websocket-client allows attackers to spoof SSL/TLS servers via an arbitrary valid certificate
Moderate | CVE-2017-1000209 was published for com.neovisionaries:nv-websocket-client (Maven) May 17, 2022

MailMate before 1.11 automatically imported S/MIME certificates and thereby silently replaced...
Moderate | Unreviewed | CVE-2020-12619 was published May 24, 2022

A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software...
Moderate | Unreviewed | CVE-2020-3557 was published May 24, 2022

VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack...
High | Unreviewed | CVE-2020-3994 was published May 24, 2022

When Security Assertion Markup Language (SAML) authentication is enabled, Juniper Networks Mist...
High | Unreviewed | CVE-2020-1675 was published May 24, 2022

Improper Certificate Validation in OPCFoundation.NetStandard.Opc.Ua.Core
Moderate | CVE-2020-29457 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Nov 19, 2021

Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
High | Unreviewed | CVE-2020-28362 was published May 24, 2022

In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS...
High | Unreviewed | CVE-2019-17007 was published May 24, 2022

An issue exists in PrimeKey EJBCA before 7.4.3 when enrolling with EST while proxied through an...
Moderate | Unreviewed | CVE-2020-28942 was published May 24, 2022

Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0...
High | Unreviewed | CVE-2020-8279 was published May 24, 2022

An issue existed in the handling of S-MIME certificates. This issue was addressed with improved...
Moderate | Unreviewed | CVE-2019-8642 was published May 24, 2022

A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a...
High | Unreviewed | CVE-2020-8241 was published May 24, 2022

Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM)...
Critical | Unreviewed | CVE-2020-27649 was published May 24, 2022

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 ...
High | Unreviewed | CVE-2020-15604 was published May 24, 2022