GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
960 advisories
Filter by severity
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate....
Moderate
Unreviewed
CVE-2023-33760
was published
Jan 25, 2024
A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and...
Moderate
Unreviewed
CVE-2023-33757
was published
Jan 25, 2024
A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local...
High
Unreviewed
CVE-2023-6043
was published
Jan 19, 2024
Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
Moderate
CVE-2023-51662
was published
for
Snowflake.Data
(NuGet)
Dec 22, 2023
Improper validation of the server’s certificate chain in secure traffic scanning feature...
High
Unreviewed
CVE-2023-5594
was published
Dec 21, 2023
A vulnerability exists in the component RTU500 Scripting interface. When a client connects to a...
High
Unreviewed
CVE-2023-1514
was published
Dec 19, 2023
An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all...
High
Unreviewed
CVE-2023-6680
was published
Dec 15, 2023
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the...
High
Unreviewed
CVE-2020-12614
was published
Dec 12, 2023
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected...
High
Unreviewed
CVE-2023-48427
was published
Dec 12, 2023
An issue was discovered in Zammad before 6.2.0. In several subsystems, SSL/TLS was used to...
Moderate
Unreviewed
CVE-2023-50454
was published
Dec 10, 2023
Permission verification vulnerability in distributed scenarios. Successful exploitation of this...
High
Unreviewed
CVE-2023-49247
was published
Dec 6, 2023
KEPServerEX does not properly validate certificates from clients which may allow...
High
Unreviewed
CVE-2023-5909
was published
Dec 1, 2023
Precision Bridge PrecisionBridge.exe (aka the thick client) before 7.3.21 allows an integrity...
High
Unreviewed
CVE-2023-49312
was published
Nov 27, 2023
Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component....
High
Unreviewed
CVE-2023-43082
was published
Nov 22, 2023
HTTPie allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack
Critical
CVE-2023-48052
was published
for
httpie
(pip)
Nov 16, 2023
Missing SSL certificate validation in localstack
High
CVE-2023-48054
was published
for
localstack
(pip)
Nov 16, 2023
Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote...
High
Unreviewed
CVE-2023-42532
was published
Nov 13, 2023
An issue in Turing Video Turing Edge+ EVC5FD v.1.38.6 allows remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2023-42425
was published
Oct 31, 2023
It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet...
High
Unreviewed
CVE-2023-31421
was published
Oct 26, 2023
light-oauth2 missing public key verification
Moderate
CVE-2023-31580
was published
for
com.networknt:light-oauth2
(Maven)
Oct 25, 2023
OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows...
Moderate
Unreviewed
CVE-2022-3761
was published
Oct 17, 2023
IBM Security Verify Privilege On-Premises 11.5 does not validate, or incorrectly validates, a...
Moderate
Unreviewed
CVE-2022-43892
was published
Oct 17, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity...
Moderate
Unreviewed
CVE-2022-22380
was published
Oct 17, 2023
The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for...
Critical
Unreviewed
CVE-2023-5422
was published
Oct 16, 2023
A potential security vulnerability has been identified in the HP ThinUpdate utility (also known...
High
Unreviewed
CVE-2023-4499
was published
Oct 13, 2023
ProTip!
Advisories are also available from the
GraphQL API