Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

413 advisories

Loading
Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain... Moderate Unreviewed
CVE-2019-5506 was published May 24, 2022
Limesurvey before 3.17.14 does not enforce SSL/TLS usage in the default configuration. Moderate Unreviewed
CVE-2019-16179 was published May 24, 2022
A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an unauthenticated, remote... Moderate Unreviewed
CVE-2019-1948 was published May 24, 2022
The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has a TLS certificate... Moderate Unreviewed
CVE-2019-5280 was published May 24, 2022
In cPanel before 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209). Moderate Unreviewed
CVE-2017-18479 was published May 24, 2022
An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019... Moderate Unreviewed
CVE-2019-14334 was published May 24, 2022
A vulnerability exists where it possible to force Network Security Services (NSS) to sign... Moderate Unreviewed
CVE-2019-11727 was published May 24, 2022
A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network... Moderate Unreviewed
CVE-2019-1940 was published May 24, 2022
Mailvelope prior to 3.3.0 accepts or operates with invalid PGP public keys: Mailvelope allows... Moderate Unreviewed
CVE-2019-9148 was published May 24, 2022
IBM Security Access Manager 9.0.1 through 9.0.6 does not validate, or incorrectly validates, a... Moderate Unreviewed
CVE-2019-4150 was published May 24, 2022
Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper... Moderate Unreviewed
CVE-2019-11550 was published May 24, 2022
A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by... Moderate Unreviewed
CVE-2013-10001 was published May 18, 2022
IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not... Moderate Unreviewed
CVE-2021-29726 was published May 18, 2022
The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL... Moderate Unreviewed
CVE-2011-0199 was published May 17, 2022
The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 before 8.2(5.50), 8.4 before 8... Moderate Unreviewed
CVE-2014-3394 was published May 17, 2022
The Chase mobile banking application for Android does not verify that the server hostname matches... Moderate Unreviewed
CVE-2012-5810 was published May 17, 2022
The default configuration of Fortinet Fortigate UTM appliances uses the same Certification... Moderate Unreviewed
CVE-2012-4948 was published May 17, 2022
NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server... Moderate Unreviewed
CVE-2016-7171 was published May 17, 2022
The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint... Moderate Unreviewed
CVE-2016-9892 was published May 17, 2022
There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android... Moderate Unreviewed
CVE-2016-9319 was published May 17, 2022
Google Chrome caches TLS sessions before certificate validation occurs. Moderate Unreviewed
CVE-2013-6662 was published May 17, 2022
Photopt for Android before 2.0.1 does not verify SSL certificates. Moderate Unreviewed
CVE-2016-1198 was published May 17, 2022
Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates. Moderate Unreviewed
CVE-2016-1186 was published May 17, 2022
DMM Movie Player App for Android before 1.2.1, and DMM Movie Player App for iPhone/iPad before 2... Moderate Unreviewed
CVE-2016-4829 was published May 17, 2022
DMMFX Trade for Android 1.5.0 and earlier, DMMFX DEMO Trade for Android 1.5.0 and earlier, and... Moderate Unreviewed
CVE-2016-4818 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database