GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
18 advisories
Filter by severity
Improper Validation of Certificates in apache axis
Moderate
CVE-2014-3596
was published
for
axis:axis
(Maven)
Oct 16, 2018
Moderate severity vulnerability that affects org.postgresql:pgjdbc-aggregate
Moderate
CVE-2018-10936
was published
for
org.postgresql:pgjdbc-aggregate
(Maven)
Oct 19, 2018
Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Keycloak
Moderate
CVE-2020-1758
was published
for
org.keycloak:keycloak-parent
(Maven)
Feb 9, 2022
An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL...
Moderate
Unreviewed
CVE-2017-2913
was published
May 13, 2022
An exploitable vulnerability exists in the remote control functionality of Circle with Disney...
Moderate
Unreviewed
CVE-2017-2912
was published
May 13, 2022
An exploitable vulnerability exists in the remote control functionality of Circle with Disney...
Moderate
Unreviewed
CVE-2017-2911
was published
May 13, 2022
Improper Validation of Certificate with Host Mismatch in Shibboleth Identity Provider and OpenSAML Java
Moderate
CVE-2014-3603
was published
for
edu.internet2.middleware:shibboleth-identityprovider
(Maven)
May 14, 2022
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10...
Moderate
Unreviewed
CVE-2014-3522
was published
May 14, 2022
Improper Validation of Certificate with Host Mismatch in Not Yet Commons SSL
Moderate
CVE-2014-3604
was published
for
ca.juliusdavies:not-yet-commons-ssl
(Maven)
May 14, 2022
PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47...
Moderate
Unreviewed
CVE-2016-1280
was published
May 17, 2022
Jenkins SmallTest Plugin missing hostname validation
Moderate
CVE-2022-41243
was published
for
com.smalltest:smalltest
(Maven)
Sep 22, 2022
Missing hostname validation in Jenkins View26 Test-Reporting Plugin
Moderate
CVE-2022-41244
was published
for
org.jenkins-ci.plugins:view26
(Maven)
Sep 22, 2022
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability...
Moderate
Unreviewed
CVE-2023-24568
was published
May 30, 2023
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6...
Moderate
Unreviewed
CVE-2022-22305
was published
Sep 1, 2023
libcurl did not check the server certificate of TLS connections done to a host specified as an IP...
Moderate
Unreviewed
CVE-2024-2466
was published
Mar 27, 2024
casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification
Moderate
CVE-2024-41264
was published
for
github.com/casdoor/casdoor
(Go)
Aug 1, 2024
Missing hostname validation in Kroxylicious
Moderate
CVE-2024-8285
was published
for
io.kroxylicious:kroxylicious-runtime
(Maven)
Aug 31, 2024
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server...
Moderate
Unreviewed
CVE-2024-38324
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API