GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
767 advisories
Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and...
Moderate | Unreviewed | CVE-2016-4840 was published May 13, 2022
The Warner Bros. ellentube app 3.1.1 through 3.1.3 for iOS does not verify X.509 certificates...
Moderate | Unreviewed | CVE-2017-8939 was published May 13, 2022
The Quest Information Systems Indiana Voters app 1.1.24 for iOS does not verify X.509...
Moderate | Unreviewed | CVE-2017-8935 was published May 13, 2022
Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not...
Moderate | Unreviewed | CVE-2016-1184 was published May 13, 2022
The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates from SSL servers, which...
Moderate | Unreviewed | CVE-2017-8943 was published May 13, 2022
The Thycotic Password Manager Secret Server application through 2.3 for iOS does not verify X.509...
Moderate | Unreviewed | CVE-2015-4094 was published May 13, 2022
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE...
High | Unreviewed | CVE-2015-0534 was published May 13, 2022
EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing...
High | Unreviewed | CVE-2017-4981 was published May 13, 2022
The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC...
Moderate | Unreviewed | CVE-2012-3037 was published May 13, 2022
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
High | Unreviewed | CVE-2018-7234 was published May 13, 2022
Trillian 5.1.0.19 does not verify that the server hostname matches a domain name in the subject's...
Moderate | Unreviewed | CVE-2012-5824 was published May 13, 2022
An exploitable information disclosure vulnerability exists in the crash handler of the hubCore...
Moderate | Unreviewed | CVE-2018-3927 was published May 13, 2022
An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud...
High | Unreviewed | CVE-2018-4015 was published May 13, 2022
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code...
High | Unreviewed | CVE-2017-2784 was published May 13, 2022
A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL...
Critical | Unreviewed | CVE-2017-2800 was published May 13, 2022
An exploitable denial of service vulnerability exists within the reading of proprietary server...
Moderate | Unreviewed | CVE-2017-2836 was published May 13, 2022
An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL...
Moderate | Unreviewed | CVE-2017-2913 was published May 13, 2022
Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of...
Moderate | Unreviewed | CVE-2021-27768 was published May 13, 2022
Active Directory Domain Services Elevation of Privilege Vulnerability.
High | Unreviewed | CVE-2022-26923 was published May 11, 2022
OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows...
High | Unreviewed | CVE-2010-1378 was published May 2, 2022
Cerulean Studios Trillian 3.1 Basic does not check SSL certificates during MSN authentication,...
Moderate | Unreviewed | CVE-2009-4831 was published May 2, 2022
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is...
Moderate | Unreviewed | CVE-2009-3767 was published May 2, 2022
Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes...
Moderate | Unreviewed | CVE-2009-3046 was published May 2, 2022
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before...
Moderate | Unreviewed | CVE-2009-2408 was published May 2, 2022
The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates...
Moderate | Unreviewed | CVE-2005-3170 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API.