GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
296 advisories
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not...
High | Unreviewed | CVE-2018-5408 was published May 24, 2022
A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches...
High | Unreviewed | CVE-2019-1859 was published May 24, 2022
A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of...
High | Unreviewed | CVE-2019-1590 was published May 24, 2022
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0...
High | Unreviewed | CVE-2022-22787 was published May 19, 2022
duplicity 0.6.24 has improper verification of SSL certificates
High | Unreviewed | CVE-2014-3495 was published May 17, 2022
wolfssl before 3.2.0 does not properly authorize CA certificate for signing other certificates.
High | Unreviewed | CVE-2014-2902 was published May 17, 2022
wolfssl before 3.2.0 does not properly issue certificates for a server's hostname.
High | Unreviewed | CVE-2014-2901 was published May 17, 2022
Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates.
High | Unreviewed | CVE-2016-1132 was published May 17, 2022
WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect...
High | Unreviewed | CVE-2017-7192 was published May 17, 2022
Pulp before 2.3.0 uses the same certificate authority key and certificate for all...
High | Unreviewed | CVE-2013-7450 was published May 17, 2022
WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in...
High | Unreviewed | CVE-2017-5887 was published May 17, 2022
Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form,...
High | Unreviewed | CVE-2017-8059 was published May 17, 2022
In Lenovo Service Bridge before version 4, a bug found in the signature verification logic of the...
High | Unreviewed | CVE-2016-8231 was published May 17, 2022
Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a...
High | Unreviewed | CVE-2015-2330 was published May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. The issue...
High | Unreviewed | CVE-2017-2498 was published May 17, 2022
Microsoft Lync for Mac 2011 fails to properly validate certificates, allowing remote attackers to...
High | Unreviewed | CVE-2017-0129 was published May 17, 2022
The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which...
High | Unreviewed | CVE-2017-11364 was published May 17, 2022
When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11...
High | Unreviewed | CVE-2017-11506 was published May 17, 2022
pulp-consumer-client 2.4.0 through 2.6.3 does not check the server's TLS certificate signatures...
High | Unreviewed | CVE-2015-5263 was published May 17, 2022
Rakuten card App for iOS 5.2.0 through 5.2.4 does not verify SSL certificates which might allow...
High | Unreviewed | CVE-2015-2988 was published May 17, 2022
niconico App for iOS before 6.38 does not verify SSL certificates which could allow remote...
High | Unreviewed | CVE-2015-5639 was published May 17, 2022
In F5 BIG-IP PEM 12.1.0 through 12.1.2 when downloading the Type Allocation Code (TAC) database...
High | Unreviewed | CVE-2017-6144 was published May 17, 2022
Savitech driver packages for Windows silently install a self-signed certificate into the Trusted...
High | Unreviewed | CVE-2017-9758 was published May 17, 2022
The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher...
High | Unreviewed | CVE-2015-2319 was published May 14, 2022
The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message...
High | Unreviewed | CVE-2015-2318 was published May 14, 2022