Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

918 advisories

Loading
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6... Moderate Unreviewed
CVE-2022-22305 was published Sep 1, 2023
If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of... High Unreviewed
CVE-2023-1409 was published Aug 23, 2023
Apache Airflow missing Certificate Validation Moderate
CVE-2023-39441 was published for apache-airflow (pip) Aug 23, 2023
sunSUNQ
In multiple locations, there are root CA certificates which need to be disabled. This could lead... High Unreviewed
CVE-2023-21265 was published Aug 14, 2023
A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed... Critical Unreviewed
CVE-2023-40256 was published Aug 11, 2023
Sydent does not verify email server certificates Critical
CVE-2023-38686 was published for matrix-sydent (pip) Jul 31, 2023
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on... High Unreviewed
CVE-2023-34143 was published Jul 18, 2023
If a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension)... High Unreviewed
CVE-2023-3724 was published Jul 18, 2023
Mattermost iOS app fails to properly validate the server certificate while initializing the TLS... High Unreviewed
CVE-2023-3615 was published Jul 17, 2023
cryptography mishandles SSH certificates High
CVE-2023-38325 was published for cryptography (pip) Jul 14, 2023
alanc tiran
An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows... Moderate Unreviewed
CVE-2023-24461 was published Jul 6, 2023
Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual... High Unreviewed
CVE-2021-21548 was published Jul 6, 2023
A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software... High Unreviewed
CVE-2022-32748 was published Jul 6, 2023
A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32... High Unreviewed
CVE-2023-23546 was published Jul 6, 2023
Bouncy Castle For Java LDAP injection vulnerability Moderate
CVE-2023-33201 was published for org.bouncycastle:bcprov-debug-jdk14 (Maven) Jul 5, 2023
pavelarnost
Keycloak vulnerable to Improper Client Certificate Validation for OAuth/OpenID clients High
CVE-2023-2422 was published for org.keycloak:keycloak-services (Maven) Jun 30, 2023
artsploit
Keycloak Untrusted Certificate Validation vulnerability Moderate
CVE-2023-1664 was published for org.keycloak:keycloak-core (Maven) Jun 30, 2023
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability... Low Unreviewed
CVE-2023-32464 was published Jun 23, 2023
The error page for sites with invalid TLS certificates was missing the activation-delay Firefox... Low Unreviewed
CVE-2023-34414 was published Jun 19, 2023
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and... High Unreviewed
CVE-2023-30222 was published Jun 16, 2023
SSL/TLS certificate validation disabled by default in Jenkins Checkmarx Plugin High
CVE-2023-35142 was published for com.checkmarx.jenkins:checkmarx (Maven) Jun 14, 2023
Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku... Moderate Unreviewed
CVE-2023-29501 was published Jun 13, 2023
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all... Moderate Unreviewed
CVE-2023-29175 was published Jun 13, 2023
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6... Moderate Unreviewed
CVE-2023-34410 was published Jun 5, 2023
Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed... Moderate Unreviewed
CVE-2023-0430 was published Jun 2, 2023
ProTip! Advisories are also available from the GraphQL API