Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+

986 advisories

Loading
`OCSP_basic_verify` may incorrectly verify the response signing certificate Moderate
CVE-2022-1343 was published for openssl-src (Rust) May 4, 2022
pinkforest
Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter High
CVE-2022-24901 was published for parse-server (npm) May 4, 2022
yoshmidev kurt-r2c
OpenStack Keystone and other components vulnerable to Improper Certificate Validation Moderate
CVE-2013-2255 was published for cinder (pip) May 5, 2022
Active Directory Domain Services Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-26923 was published May 11, 2022
Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of... Moderate Unreviewed
CVE-2021-27768 was published May 13, 2022
An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL... Moderate Unreviewed
CVE-2017-2913 was published May 13, 2022
An exploitable denial of service vulnerability exists within the reading of proprietary server... Moderate Unreviewed
CVE-2017-2836 was published May 13, 2022
A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL... Critical Unreviewed
CVE-2017-2800 was published May 13, 2022
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code... High Unreviewed
CVE-2017-2784 was published May 13, 2022
An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud... High Unreviewed
CVE-2018-4015 was published May 13, 2022
An exploitable information disclosure vulnerability exists in the crash handler of the hubCore... Moderate Unreviewed
CVE-2018-3927 was published May 13, 2022
Trillian 5.1.0.19 does not verify that the server hostname matches a domain name in the subject's... Moderate Unreviewed
CVE-2012-5824 was published May 13, 2022
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions... High Unreviewed
CVE-2018-7234 was published May 13, 2022
The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC... Moderate Unreviewed
CVE-2012-3037 was published May 13, 2022
EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing... High Unreviewed
CVE-2017-4981 was published May 13, 2022
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE... High Unreviewed
CVE-2015-0534 was published May 13, 2022
The Thycotic Password Manager Secret Server application through 2.3 for iOS does not verify X.509... Moderate Unreviewed
CVE-2015-4094 was published May 13, 2022
The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates from SSL servers, which... Moderate Unreviewed
CVE-2017-8943 was published May 13, 2022
Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not... Moderate Unreviewed
CVE-2016-1184 was published May 13, 2022
The Quest Information Systems Indiana Voters app 1.1.24 for iOS does not verify X.509... Moderate Unreviewed
CVE-2017-8935 was published May 13, 2022
The Warner Bros. ellentube app 3.1.1 through 3.1.3 for iOS does not verify X.509 certificates... Moderate Unreviewed
CVE-2017-8939 was published May 13, 2022
Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and... Moderate Unreviewed
CVE-2016-4840 was published May 13, 2022
Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows... Moderate Unreviewed
CVE-2017-8060 was published May 13, 2022
iSmartAlarm cube devices have an SSL Certificate Validation Vulnerability. High Unreviewed
CVE-2017-7726 was published May 13, 2022
The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath... High Unreviewed
CVE-2017-6594 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database