GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
372 advisories
A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). The...
High | Unreviewed | CVE-2022-40147 was published Oct 11, 2022

FreshService macOS Agent < 4.4.0 and FreshService Linux Agent < 3.4.0 are vulnerable to TLS Man-in...
High | Unreviewed | CVE-2022-36173 was published Sep 13, 2022

python-scciclient vulnerable to Man-in-the-middle (MITM) attacks
High | CVE-2022-2996 was published for python-scciclient (pip) Sep 2, 2022

Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to...
High | Unreviewed | CVE-2021-43766 was published Aug 26, 2022

When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not...
High | Unreviewed | CVE-2022-1805 was published Jul 29, 2022

A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an...
High | Unreviewed | CVE-2022-20860 was published Jul 22, 2022

IBM QRadar SIEM 7.3, 7.4, and 7.5 does not perform proper certificate validation for some inter...
High | Unreviewed | CVE-2021-29755 was published Jul 21, 2022

In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not...
High | Unreviewed | CVE-2020-16093 was published Jul 19, 2022

Argo CD certificate verification is skipped for connections to OIDC providers
High | CVE-2022-31105 was published for github.com/argoproj/argo-cd (Go) Jul 12, 2022

Authentication bypass vulnerability in Apple Game Center auth adapter
High | CVE-2022-31083 was published for parse-server (npm) Jun 17, 2022

Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform...
High | Unreviewed | CVE-2022-32153 was published Jun 16, 2022

Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform...
High | Unreviewed | CVE-2022-32152 was published Jun 16, 2022

Multiple vulnerabilities vulnerability in Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service...
High | Unreviewed | CVE-2022-26493 was published Jun 4, 2022

libcurl would reuse a previously created connection even when a TLS or SSH related option had been...
High | Unreviewed | CVE-2022-27782 was published Jun 3, 2022

Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain an Improper Certificate...
High | Unreviewed | CVE-2020-26184 was published Jun 2, 2022

When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can...
High | Unreviewed | CVE-2021-3935 was published May 24, 2022

Improper validation of the cloud certificate chain in Mobile Connect allows man-in-the-middle...
High | Unreviewed | CVE-2021-23162 was published May 24, 2022

FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate...
High | Unreviewed | CVE-2021-43114 was published May 24, 2022

IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7) component has...
High | Unreviewed | CVE-2021-29737 was published May 24, 2022

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate...
High | Unreviewed | CVE-2021-20833 was published May 24, 2022

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting...
High | Unreviewed | CVE-2021-25634 was published May 24, 2022

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting...
High | Unreviewed | CVE-2021-25633 was published May 24, 2022

The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO...
High | Unreviewed | CVE-2021-35497 was published May 24, 2022

IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to...
High | Unreviewed | CVE-2021-38864 was published May 24, 2022