GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,773
Erlang
29
GitHub Actions
16
Go
1,710
Maven
4,946
npm
3,474
NuGet
605
pip
3,001
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
884 advisories
Filter by severity
In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper...
Moderate
Unreviewed
CVE-2024-35299
was published
May 16, 2024
An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may...
Moderate
Unreviewed
CVE-2024-33612
was published
May 8, 2024
NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution...
High
Unreviewed
CVE-2023-35721
was published
May 3, 2024
A vulnerability was found in EZVIZ CS-C6-21WFR-8 5.2.7 Build 170628. It has been classified as...
Low
Unreviewed
CVE-2024-4063
was published
Apr 23, 2024
A vulnerability was found in Hualai Xiaofang iSC5 3.2.2_112 and classified as problematic....
Low
Unreviewed
CVE-2024-4062
was published
Apr 23, 2024
Improper Certificate Validation vulnerability in Apache Airflow FTP Provider
Moderate
CVE-2024-29733
was published
for
apache-airflow-providers-ftp
(pip)
Apr 21, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive...
Low
Unreviewed
CVE-2023-37397
was published
Apr 19, 2024
A vulnerability classified as critical has been found in cym1102 nginxWebUI up to 3.9.9. This...
High
Unreviewed
CVE-2024-3738
was published
Apr 13, 2024
IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to...
Moderate
Unreviewed
CVE-2023-50949
was published
Apr 11, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to...
High
Unreviewed
CVE-2024-31871
was published
Apr 10, 2024
PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability....
High
Unreviewed
CVE-2024-27323
was published
Apr 2, 2024
Serverpod client accepts any certificate
High
CVE-2024-29887
was published
for
serverpod_client
(Pub)
Mar 28, 2024
Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer...
High
Unreviewed
CVE-2024-1351
was published
Mar 7, 2024
Incorrect TLS certificate auth method in Vault
High
CVE-2024-2048
was published
for
github.com/hashicorp/vault
(Go)
Mar 4, 2024
Improper Certificate Validation in apache airflow mongo hook
High
CVE-2024-25141
was published
for
apache-airflow-providers-mongo
(pip)
Feb 20, 2024
Improper Certificate Validation in Apache DolphinScheduler
High
CVE-2023-49250
was published
for
org.apache.dolphinscheduler:dolphinscheduler
(Maven)
Feb 20, 2024
An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2...
Moderate
Unreviewed
CVE-2023-47537
was published
Feb 15, 2024
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can...
High
Unreviewed
CVE-2024-25642
was published
Feb 13, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an...
High
Unreviewed
CVE-2023-32330
was published
Feb 7, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a...
High
Unreviewed
CVE-2023-43017
was published
Feb 7, 2024
IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.6 products...
Moderate
Unreviewed
CVE-2023-47700
was published
Feb 7, 2024
A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under...
Critical
Unreviewed
CVE-2024-25140
was published
Feb 6, 2024
Boundary vulnerable to session hijacking through TLS certificate tampering
High
CVE-2024-1052
was published
for
github.com/hashicorp/boundary
(Go)
Feb 5, 2024
curl inadvertently kept the SSL session ID for connections in its cache even when the verify...
Moderate
Unreviewed
CVE-2024-0853
was published
Feb 3, 2024
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,...
High
Unreviewed
CVE-2020-29504
was published
Feb 2, 2024
ProTip!
Advisories are also available from the
GraphQL API