GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
961 advisories
A potential security vulnerability has been identified in the HP ThinUpdate utility (also known...
High • Unreviewed • CVE-2023-4499 was published Oct 13, 2023

Lack of TLS certificate verification in log transmission of a financial module within LINE Client...
Critical • Unreviewed • CVE-2023-5554 was published Oct 12, 2023

In JetBrains Ktor before 2.3.5 server certificates were not verified
Critical • Unreviewed • CVE-2023-45613 was published Oct 9, 2023

Withdrawn Advisory: Netty-handler does not validate host names by default
Moderate • CVE-2023-4586 was published for io.netty:netty-handler (Maven) Oct 4, 2023 • withdrawn

A certificate validation issue was addressed. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS...
Moderate • Unreviewed • CVE-2023-41991 was published Sep 21, 2023

MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers...
High • Unreviewed • CVE-2023-38351 was published Sep 19, 2023

MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to...
High • Unreviewed • CVE-2023-38352 was published Sep 19, 2023

MiniTool Movie Maker 6.1.0 contains an insecure installation process that allows attackers to...
High • Unreviewed • CVE-2023-38355 was published Sep 19, 2023

MiniTool Movie Maker 4.1 contains an insecure installation process that allows attackers to...
High • Unreviewed • CVE-2023-38354 was published Sep 19, 2023

MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers...
High • Unreviewed • CVE-2023-38356 was published Sep 19, 2023

MiniTool Power Data Recovery 11.5 contains an insecure in-app payment system that allows...
Moderate • Unreviewed • CVE-2023-38353 was published Sep 19, 2023

An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent...
High • Unreviewed • CVE-2023-4801 was published Sep 13, 2023

Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying...
Moderate • Unreviewed • CVE-2023-35845 was published Sep 11, 2023

Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker...
High • Unreviewed • CVE-2023-30729 was published Sep 6, 2023

Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14...
Moderate • Unreviewed • CVE-2023-41180 was published Sep 3, 2023

An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6...
Moderate • Unreviewed • CVE-2022-22305 was published Sep 1, 2023

If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of...
High • Unreviewed • CVE-2023-1409 was published Aug 23, 2023

Apache Airflow missing Certificate Validation
Moderate • CVE-2023-39441 was published for apache-airflow (pip) Aug 23, 2023

In multiple locations, there are root CA certificates which need to be disabled. This could lead...
High • Unreviewed • CVE-2023-21265 was published Aug 14, 2023

A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed...
Critical • Unreviewed • CVE-2023-40256 was published Aug 11, 2023

Sydent does not verify email server certificates
Critical • CVE-2023-38686 was published for matrix-sydent (pip) Jul 31, 2023

Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on...
High • Unreviewed • CVE-2023-34143 was published Jul 18, 2023

If a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension)...
High • Unreviewed • CVE-2023-3724 was published Jul 18, 2023

Mattermost iOS app fails to properly validate the server certificate while initializing the TLS...
High • Unreviewed • CVE-2023-3615 was published Jul 17, 2023

cryptography mishandles SSH certificates
High • CVE-2023-38325 was published for cryptography (pip) Jul 14, 2023