GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
482 advisories
Filter by severity
Sensitive information disclosure and manipulation due to improper certification validation. The...
Moderate
Unreviewed
CVE-2022-45458
was published
May 18, 2023
Sensitive information disclosure and manipulation due to improper certification validation. The...
Moderate
Unreviewed
CVE-2022-45457
was published
May 18, 2023
Duplicate Advisory: Keycloak vulnerable to untrusted certificate validation
Moderate
GHSA-c892-cwq6-qrqf
was published
for
org.keycloak:keycloak-core
(Maven)
May 26, 2023
•
withdrawn
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports...
Moderate
Unreviewed
CVE-2023-28321
was published
May 26, 2023
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability...
Moderate
Unreviewed
CVE-2023-24568
was published
May 30, 2023
Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed...
Moderate
Unreviewed
CVE-2023-0430
was published
Jun 2, 2023
OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted...
Moderate
Unreviewed
CVE-2023-0547
was published
Jun 2, 2023
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6...
Moderate
Unreviewed
CVE-2023-34410
was published
Jun 5, 2023
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all...
Moderate
Unreviewed
CVE-2023-29175
was published
Jun 13, 2023
Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku...
Moderate
Unreviewed
CVE-2023-29501
was published
Jun 13, 2023
Keycloak Untrusted Certificate Validation vulnerability
Moderate
CVE-2023-1664
was published
for
org.keycloak:keycloak-core
(Maven)
Jun 30, 2023
Bouncy Castle For Java LDAP injection vulnerability
Moderate
CVE-2023-33201
was published
for
org.bouncycastle:bcprov-debug-jdk14
(Maven)
Jul 5, 2023
An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows...
Moderate
Unreviewed
CVE-2023-24461
was published
Jul 6, 2023
Apache Airflow missing Certificate Validation
Moderate
CVE-2023-39441
was published
for
apache-airflow
(pip)
Aug 23, 2023
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6...
Moderate
Unreviewed
CVE-2022-22305
was published
Sep 1, 2023
Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14...
Moderate
Unreviewed
CVE-2023-41180
was published
Sep 3, 2023
Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying...
Moderate
Unreviewed
CVE-2023-35845
was published
Sep 11, 2023
MiniTool Power Data Recovery 11.5 contains an insecure in-app payment system that allows...
Moderate
Unreviewed
CVE-2023-38353
was published
Sep 19, 2023
A certificate validation issue was addressed. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS...
Moderate
Unreviewed
CVE-2023-41991
was published
Sep 21, 2023
Withdrawn Advisory: Netty-handler does not validate host names by default
Moderate
CVE-2023-4586
was published
for
io.netty:netty-handler
(Maven)
Oct 4, 2023
•
withdrawn
IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity...
Moderate
Unreviewed
CVE-2022-22380
was published
Oct 17, 2023
IBM Security Verify Privilege On-Premises 11.5 does not validate, or incorrectly validates, a...
Moderate
Unreviewed
CVE-2022-43892
was published
Oct 17, 2023
OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows...
Moderate
Unreviewed
CVE-2022-3761
was published
Oct 17, 2023
light-oauth2 missing public key verification
Moderate
CVE-2023-31580
was published
for
com.networknt:light-oauth2
(Maven)
Oct 25, 2023
An issue was discovered in Zammad before 6.2.0. In several subsystems, SSL/TLS was used to...
Moderate
Unreviewed
CVE-2023-50454
was published
Dec 10, 2023
ProTip!
Advisories are also available from the
GraphQL API