GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
15 advisories
Filter by severity
Microsoft Windows Phone 7 does not verify the domain name in the subject's Common Name (CN) field...
Low
Unreviewed
CVE-2012-2993
was published
May 17, 2022
OpenSSL has internal defaults for a directory tree where it can find a configuration file as well...
Low
Unreviewed
CVE-2019-1552
was published
May 24, 2022
A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS)...
Low
Unreviewed
CVE-2021-1354
was published
May 24, 2022
In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw...
Low
Unreviewed
CVE-2021-22138
was published
May 24, 2022
Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support...
Low
Unreviewed
CVE-2022-34394
was published
Sep 29, 2022
It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a...
Low
Unreviewed
CVE-2022-48308
was published
Feb 16, 2023
It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a...
Low
Unreviewed
CVE-2022-48307
was published
Feb 16, 2023
The error page for sites with invalid TLS certificates was missing the
activation-delay Firefox...
Low
Unreviewed
CVE-2023-34414
was published
Jun 19, 2023
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability...
Low
Unreviewed
CVE-2023-32464
was published
Jun 23, 2023
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive...
Low
Unreviewed
CVE-2023-37397
was published
Apr 19, 2024
A vulnerability was found in EZVIZ CS-C6-21WFR-8 5.2.7 Build 170628. It has been classified as...
Low
Unreviewed
CVE-2024-4063
was published
Apr 23, 2024
A vulnerability was found in Hualai Xiaofang iSC5 3.2.2_112 and classified as problematic....
Low
Unreviewed
CVE-2024-4062
was published
Apr 23, 2024
An improper validation vulnerability was reported in the Lenovo Tab K10 that could allow a...
Low
Unreviewed
CVE-2024-4786
was published
Jul 26, 2024
Ecosystem Agent version 4 < 4.5.1.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not...
Low
Unreviewed
CVE-2024-5445
was published
Aug 12, 2024
An improper certificate validation vulnerability has been reported to affect QuMagie. If...
Low
Unreviewed
CVE-2024-38642
was published
Sep 6, 2024
ProTip!
Advisories are also available from the
GraphQL API