Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

83 advisories

Loading
The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for... Critical Unreviewed
CVE-2021-45490 was published Mar 29, 2022
Pexip Infinity Connect before 1.8.0 mishandles TLS certificate validation. The allow list is not... Critical Unreviewed
CVE-2021-29656 was published Feb 19, 2022
Improper Certificate Validation in Hutool Critical
CVE-2022-22885 was published for cn.hutool:hutool-http (Maven) Feb 17, 2022
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-43882 was published Dec 16, 2021
Improper Certificate Validation in xmlhttprequest-ssl Critical
CVE-2021-31597 was published for xmlhttprequest-ssl (npm) May 24, 2021
Improper Certificate Validation in WP-CLI framework Critical
CVE-2021-29504 was published for wp-cli/wp-cli (Composer) May 19, 2021
WhiteWinterWolf
Improper Certificate Validation in Twisted Critical
CVE-2019-12855 was published for twisted (pip) Aug 16, 2019
splunk-sdk does not properly verify untrusted TLS server certificates Critical
CVE-2019-5729 was published for splunk-sdk (pip) Mar 25, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database