Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

61 advisories

Loading
The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate... Critical Unreviewed
CVE-2021-33907 was published May 24, 2022
Potentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted... Critical Unreviewed
CVE-2021-33695 was published May 24, 2022
Due to Manage Engine Asset Explorer Agent 1.0.34 not validating HTTPS certificates, an attacker... Critical Unreviewed
CVE-2021-20110 was published May 24, 2022
While processing server certificate from IPSec server, certificate validation for subject... Critical Unreviewed
CVE-2020-11176 was published May 24, 2022
Incorrect SSL certificate validation in Nagios Fusion 4.1.8 and earlier allows for Escalation of... Critical Unreviewed
CVE-2020-28907 was published May 24, 2022
The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server... Critical Unreviewed
CVE-2021-3460 was published May 24, 2022
DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not cease processing for... Critical Unreviewed
CVE-2021-3336 was published May 24, 2022
Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM)... Critical Unreviewed
CVE-2020-27649 was published May 24, 2022
Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager ... Critical Unreviewed
CVE-2020-27648 was published May 24, 2022
A certificate validation issue existed when processing administrator added certificates. This... Critical Unreviewed
CVE-2020-9868 was published May 24, 2022
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c... Critical Unreviewed
CVE-2020-7043 was published May 24, 2022
European Commission eIDAS-Node Integration Package before 2.3.1 has Missing Certificate... Critical Unreviewed
CVE-2019-18633 was published May 24, 2022
European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because... Critical Unreviewed
CVE-2019-18632 was published May 24, 2022
systemd 239 through 243 accepts any certificate signed by a trusted certificate authority for DNS... Critical Unreviewed
CVE-2018-21029 was published May 24, 2022
The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via... Critical Unreviewed
CVE-2015-2320 was published May 24, 2022
The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation. Critical Unreviewed
CVE-2017-17945 was published May 24, 2022
The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation. Critical Unreviewed
CVE-2017-17944 was published May 24, 2022
botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might... Critical Unreviewed
CVE-2015-7826 was published May 17, 2022
libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote... Critical Unreviewed
CVE-2015-3886 was published May 17, 2022
Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept... Critical Unreviewed
CVE-2018-9127 was published May 14, 2022
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable... Critical Unreviewed
CVE-2018-4991 was published May 14, 2022
Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation... Critical Unreviewed
CVE-2018-12829 was published May 14, 2022
Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to... Critical Unreviewed
CVE-2016-1000030 was published May 14, 2022
On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL... Critical Unreviewed
CVE-2019-6592 was published May 14, 2022
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL... Critical Unreviewed
CVE-2019-6266 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API