GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
989 advisories
SSL connections to NOVELL and Synology LDAP server are vulnerable to a man-in-the-middle attack...
Critical | Unreviewed | CVE-2023-50356 was published Jan 31, 2024

Ylianst MeshCentral Missing SSL Certificate Validation
Critical | CVE-2023-51837 was published for meshcentral (npm) Jan 30, 2024

SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate....
Moderate | Unreviewed | CVE-2023-33760 was published Jan 25, 2024

A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and...
Moderate | Unreviewed | CVE-2023-33757 was published Jan 25, 2024

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local...
High | Unreviewed | CVE-2023-6043 was published Jan 19, 2024

Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
Moderate | CVE-2023-51662 was published for Snowflake.Data (NuGet) Dec 22, 2023

Improper validation of the server’s certificate chain in secure traffic scanning feature...
High | Unreviewed | CVE-2023-5594 was published Dec 21, 2023

A vulnerability exists in the component RTU500 Scripting interface. When a client connects to a...
High | Unreviewed | CVE-2023-1514 was published Dec 19, 2023

An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all...
High | Unreviewed | CVE-2023-6680 was published Dec 15, 2023

An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the...
High | Unreviewed | CVE-2020-12614 was published Dec 12, 2023

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected...
High | Unreviewed | CVE-2023-48427 was published Dec 12, 2023

An issue was discovered in Zammad before 6.2.0. In several subsystems, SSL/TLS was used to...
Moderate | Unreviewed | CVE-2023-50454 was published Dec 10, 2023

Permission verification vulnerability in distributed scenarios. Successful exploitation of this...
High | Unreviewed | CVE-2023-49247 was published Dec 6, 2023

KEPServerEX does not properly validate certificates from clients which may allow...
High | Unreviewed | CVE-2023-5909 was published Dec 1, 2023

Precision Bridge PrecisionBridge.exe (aka the thick client) before 7.3.21 allows an integrity...
High | Unreviewed | CVE-2023-49312 was published Nov 27, 2023

Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component....
High | Unreviewed | CVE-2023-43082 was published Nov 22, 2023

Missing SSL certificate validation in localstack
High | CVE-2023-48054 was published for localstack (pip) Nov 16, 2023

HTTPie allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack
High | CVE-2023-48052 was published for httpie (pip) Nov 16, 2023

Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote...
High | Unreviewed | CVE-2023-42532 was published Nov 13, 2023

An issue in Turing Video Turing Edge+ EVC5FD v.1.38.6 allows remote attacker to execute arbitrary...
Critical | Unreviewed | CVE-2023-42425 was published Oct 31, 2023

It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet...
High | Unreviewed | CVE-2023-31421 was published Oct 26, 2023

light-oauth2 missing public key verification
Moderate | CVE-2023-31580 was published for com.networknt:light-oauth2 (Maven) Oct 25, 2023

OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows...
Moderate | Unreviewed | CVE-2022-3761 was published Oct 17, 2023

IBM Security Verify Privilege On-Premises 11.5 does not validate, or incorrectly validates, a...
Moderate | Unreviewed | CVE-2022-43892 was published Oct 17, 2023

IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity...
Moderate | Unreviewed | CVE-2022-22380 was published Oct 17, 2023