GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
402 advisories
Filter by severity
Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9...
Moderate
Unreviewed
CVE-2022-21170
was published
Mar 11, 2022
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3...
Moderate
Unreviewed
CVE-2022-0123
was published
Mar 29, 2022
WeeChat (aka Wee Enhanced Environment for Chat) 3.2 to 3.4 before 3.4.1 does not properly verify...
Moderate
Unreviewed
CVE-2022-28352
was published
Apr 3, 2022
In A-GPS, there is a possible man in the middle attack due to improper certificate validation....
Moderate
Unreviewed
CVE-2022-20081
was published
Apr 12, 2022
In ccu, there is a possible escalation of privilege due to a missing certificate validation. This...
Moderate
Unreviewed
CVE-2022-20071
was published
Apr 12, 2022
A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates...
Moderate
Unreviewed
CVE-2007-5967
was published
Apr 21, 2022
Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08...
Moderate
Unreviewed
CVE-2021-3898
was published
Apr 23, 2022
An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL...
Moderate
Unreviewed
CVE-2017-2913
was published
May 13, 2022
"Vault and Vault Enterprise 1.8.0 through 1.8.8, and 1.9.3 allowed the PKI secrets engine under...
Moderate
Unreviewed
CVE-2022-25243
was published
Mar 11, 2022
In spring cloud gateway versions prior to 3.1.1+ , applications that are configured to enable...
Moderate
Unreviewed
CVE-2022-22946
was published
Mar 5, 2022
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names)...
Moderate
Unreviewed
CVE-2021-44532
was published
Feb 25, 2022
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and...
Moderate
Unreviewed
CVE-2015-3152
was published
May 14, 2022
A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5,...
Moderate
Unreviewed
CVE-2022-26766
was published
May 27, 2022
An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname...
Moderate
Unreviewed
CVE-2020-13614
was published
May 24, 2022
An issue was discovered in Octopus Deploy 3.4. A deployment target can be configured with an...
Moderate
Unreviewed
CVE-2020-16197
was published
May 24, 2022
Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0...
Moderate
Unreviewed
CVE-2022-29082
was published
May 27, 2022
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses...
Moderate
Unreviewed
CVE-2022-26491
was published
Jun 3, 2022
Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept...
Moderate
Unreviewed
CVE-2021-36382
was published
May 24, 2022
The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key...
Moderate
Unreviewed
CVE-2021-34558
was published
May 24, 2022
Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older initiate SSH...
Moderate
Unreviewed
CVE-2021-20989
was published
May 24, 2022
An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when...
Moderate
Unreviewed
CVE-2020-36477
was published
May 24, 2022
The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEED TEST App for iOS version...
Moderate
Unreviewed
CVE-2017-2278
was published
May 17, 2022
'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server...
Moderate
Unreviewed
CVE-2022-29482
was published
Jun 15, 2022
The Restaurant Karaoke SHIDAX app 1.3.3 and earlier on Android does not verify SSL certificates,...
Moderate
Unreviewed
CVE-2015-0904
was published
May 17, 2022
The "State Bank of Waterloo Mobile Banking" by State Bank of Waterloo app 3.0.2 -- aka state-bank...
Moderate
Unreviewed
CVE-2017-9590
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API