GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
351 advisories
Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain an Improper Certificate...
High | Unreviewed | CVE-2020-26184 was published Jun 2, 2022

When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can...
High | Unreviewed | CVE-2021-3935 was published May 24, 2022

Improper validation of the cloud certificate chain in Mobile Connect allows man-in-the-middle...
High | Unreviewed | CVE-2021-23162 was published May 24, 2022

FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate...
High | Unreviewed | CVE-2021-43114 was published May 24, 2022

IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7 ) component has...
High | Unreviewed | CVE-2021-29737 was published May 24, 2022

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate...
High | Unreviewed | CVE-2021-20833 was published May 24, 2022

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting...
High | Unreviewed | CVE-2021-25634 was published May 24, 2022

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting...
High | Unreviewed | CVE-2021-25633 was published May 24, 2022

The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO...
High | Unreviewed | CVE-2021-35497 was published May 24, 2022

IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to...
High | Unreviewed | CVE-2021-38864 was published May 24, 2022

The mechanism which performs certificate validation was discovered to have a flaw that resulted...
High | Unreviewed | CVE-2021-27018 was published May 24, 2022

An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS)....
High | Unreviewed | CVE-2020-36478 was published May 24, 2022

Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5...
High | Unreviewed | CVE-2021-32581 was published May 24, 2022

libcurl-using applications can ask for a specific client certificate to be used in a transfer....
High | Unreviewed | CVE-2021-22926 was published May 24, 2022

Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate...
High | Unreviewed | CVE-2021-35193 was published May 24, 2022

Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an...
High | Unreviewed | CVE-2020-12681 was published May 24, 2022

Due to the Asset Explorer agent not validating HTTPS certificates, an attacker on the network can...
High | Unreviewed | CVE-2021-20109 was published May 24, 2022

A vulnerability has been identified in SINUMERIK Analyse MyCondition (All versions), SINUMERIK...
High | Unreviewed | CVE-2021-31892 was published May 24, 2022

OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the...
High | Unreviewed | CVE-2021-3547 was published May 24, 2022

Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS...
High | Unreviewed | CVE-2021-36377 was published May 24, 2022

A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA...
High | Unreviewed | CVE-2021-1134 was published May 24, 2022

Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in...
High | Unreviewed | CVE-2020-15732 was published May 24, 2022

A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco...
High | Unreviewed | CVE-2021-1566 was published May 24, 2022

An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0...
High | Unreviewed | CVE-2021-24012 was published May 24, 2022

A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to...
High | Unreviewed | CVE-2021-22909 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API