GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
85 advisories
Filter by severity
Moderate severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua
Moderate
CVE-2018-12087
was published
for
OPCFoundation.NetStandard.Opc.Ua
(NuGet)
Oct 16, 2018
Insecure Defaults Leads to Potential MITM in ezseed-transmission
Moderate
CVE-2016-1000224
was published
for
ezseed-transmission
(npm)
Sep 1, 2020
Moderate severity vulnerability that affects com.rabbitmq:amqp-client and org.springframework.amqp:spring-amqp
Moderate
CVE-2018-11087
was published
for
com.rabbitmq:amqp-client
(Maven)
Oct 18, 2018
Improper Certificate Validation in node-sass affects eZ Platform
Moderate
GHSA-6v6p-g8cg-2hgg
was published
for
ezsystems/ezplatform-admin-ui
(Composer)
Apr 1, 2022
Improper Certificate Validation in TweetStream
Moderate
CVE-2020-24393
was published
for
tweetstream
(RubyGems)
Apr 13, 2021
Improper Certificate Validation in OWASP ZAP
Moderate
CVE-2022-27820
was published
for
org.zaproxy:zap
(Maven)
Mar 25, 2022
Improper Certificate Handling
Moderate
CVE-2020-9321
was published
for
github.com/traefik/traefik
(Go)
Sep 2, 2021
Improper Certificate Validation in OkHttp
Moderate
CVE-2016-2402
was published
for
com.squareup.okhttp3:okhttp
(Maven)
May 13, 2022
Improper Certificate Validation in Shibboleth Identity Provider and OpenSAML
Moderate
CVE-2015-1796
was published
for
edu.internet2.middleware:shibboleth-identityprovider
(Maven)
May 17, 2022
Improper Certificate Validation in Jenkins
Moderate
CVE-2017-1000396
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
Jenkins CollabNet Plugin man in the middle vulnerability
Moderate
CVE-2018-1000605
was published
for
org.jenkins-ci.plugins:collabnet
(Maven)
May 14, 2022
Traefik routes exposed with an empty TLSOption
Moderate
CVE-2022-46153
was published
for
github.com/traefik/traefik/v2
(Go)
Dec 8, 2022
Apache Pulsar Java Client vulnerable to Improper Certificate Validation
Moderate
CVE-2022-33681
was published
for
org.apache.pulsar:pulsar-client
(Maven)
Sep 25, 2022
Apache Pulsar Broker, Proxy, and WebSocket Proxy vulnerable to Improper Certificate Validation
Moderate
CVE-2022-33682
was published
for
org.apache.pulsar:pulsar-broker
(Maven)
Sep 25, 2022
Improper Certificate Validation in Microsoft .NET Framework components
Moderate
CVE-2018-8356
was published
for
System.Private.ServiceModel
(NuGet)
May 14, 2022
nv-websocket-client allows attackers to spoof SSL/TLS servers via an arbitrary valid certificate
Moderate
CVE-2017-1000209
was published
for
com.neovisionaries:nv-websocket-client
(Maven)
May 17, 2022
Improper Certificate Validation in OPCFoundation.NetStandard.Opc.Ua.Core
Moderate
CVE-2020-29457
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Nov 19, 2021
Apache Pulsar Brokers and Proxies vulnerable to Improper Certificate Validation
Moderate
CVE-2022-33683
was published
for
org.apache.pulsar:pulsar-broker
(Maven)
Sep 25, 2022
Improper Certificate Validation in vt-ldap
Moderate
CVE-2014-3607
was published
for
edu.internet2.middleware:shibboleth-identityprovider
(Maven)
May 14, 2022
Keycloak vulnerable to Improper Certificate Validation
Moderate
CVE-2020-35509
was published
for
org.keycloak:keycloak-core
(Maven)
Aug 24, 2022
net-ldap Improper Certificate Validation vulnerability
Moderate
CVE-2017-17718
was published
for
net-ldap
(RubyGems)
Jan 6, 2018
Improper Certificate Validation and Insufficient Verification of Data Authenticity in Keycloak
Moderate
CVE-2019-3875
was published
for
org.keycloak:keycloak-core
(Maven)
Jun 27, 2019
Improper Certificate Validation in Liferay Portal
Moderate
CVE-2022-42131
was published
for
com.liferay.portal:release.portal.bom
(Maven)
Nov 15, 2022
Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Keycloak
Moderate
CVE-2020-1758
was published
for
org.keycloak:keycloak-parent
(Maven)
Feb 9, 2022
Improper Certificate Validation in twitter-stream
Moderate
CVE-2020-24392
was published
for
twitter-stream
(RubyGems)
Mar 29, 2021
ProTip!
Advisories are also available from the
GraphQL API