GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
413 advisories
Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of...
Moderate | Unreviewed | CVE-2022-48306 was published Feb 16, 2023

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions...
Moderate | Unreviewed | CVE-2023-22943 was published Feb 14, 2023

Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0...
Moderate | Unreviewed | CVE-2023-22367 was published Feb 13, 2023

Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in...
Moderate | Unreviewed | CVE-2022-34404 was published Feb 11, 2023

BTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate.
Moderate | Unreviewed | CVE-2022-46496 was published Feb 7, 2023

Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of...
Moderate | Unreviewed | CVE-2022-3913 was published Feb 2, 2023

When importing a revoked key that specified key compromise as the revocation reason, Thunderbird...
Moderate | Unreviewed | CVE-2022-1197 was published Dec 22, 2022

When displaying the sender of an email, and the sender name contained the Braille Pattern Blank...
Moderate | Unreviewed | CVE-2022-1834 was published Dec 22, 2022

After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the...
Moderate | Unreviewed | CVE-2022-22747 was published Dec 22, 2022

If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS...
Moderate | Unreviewed | CVE-2022-45419 was published Dec 22, 2022

Velneo vClient on its 28.1.3 version, does not correctly check the certificate of authenticity by...
Moderate | Unreviewed | CVE-2021-45035 was published Sep 25, 2022

An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with...
Moderate | Unreviewed | CVE-2022-1632 was published Sep 2, 2022

Odyssey passes to client unencrypted bytes from man-in-the-middle. When Odyssey storage is...
Moderate | Unreviewed | CVE-2021-43767 was published Aug 26, 2022

A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is...
Moderate | Unreviewed | CVE-2021-3798 was published Aug 24, 2022

'Hulu / ????' App for iOS versions prior to 3.0.81 improperly verifies server certificates, which...
Moderate | Unreviewed | CVE-2022-34156 was published Aug 17, 2022

An improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0...
Moderate | Unreviewed | CVE-2021-22131 was published Jul 19, 2022

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway...
Moderate | Unreviewed | CVE-2022-20813 was published Jul 7, 2022

'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server...
Moderate | Unreviewed | CVE-2022-29482 was published Jun 15, 2022

An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses...
Moderate | Unreviewed | CVE-2022-26491 was published Jun 3, 2022

Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x, 19.3.x, 19.3.0...
Moderate | Unreviewed | CVE-2022-29082 was published May 27, 2022

A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5,...
Moderate | Unreviewed | CVE-2022-26766 was published May 27, 2022

An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0...
Moderate | Unreviewed | CVE-2022-22306 was published May 25, 2022

Summary - The certificate used to identify Orchestrator to EdgeConnect devices is not validated...
Moderate | Unreviewed | CVE-2020-12143 was published May 24, 2022

Details The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is...
Moderate | Unreviewed | CVE-2020-12144 was published May 24, 2022

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax...
Moderate | Unreviewed | CVE-2020-5367 was published May 24, 2022