Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

373 advisories

Loading
IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to... High Unreviewed
CVE-2021-38864 was published May 24, 2022
The mechanism which performs certificate validation was discovered to have a flaw that resulted... High Unreviewed
CVE-2021-27018 was published May 24, 2022
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS).... High Unreviewed
CVE-2020-36478 was published May 24, 2022
Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5... High Unreviewed
CVE-2021-32581 was published May 24, 2022
libcurl-using applications can ask for a specific client certificate to be used in a transfer.... High Unreviewed
CVE-2021-22926 was published May 24, 2022
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate... High Unreviewed
CVE-2021-35193 was published May 24, 2022
Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an... High Unreviewed
CVE-2020-12681 was published May 24, 2022
Due to the Asset Explorer agent not validating HTTPS certificates, an attacker on the network can... High Unreviewed
CVE-2021-20109 was published May 24, 2022
A vulnerability has been identified in SINUMERIK Analyse MyCondition (All versions), SINUMERIK... High Unreviewed
CVE-2021-31892 was published May 24, 2022
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the... High Unreviewed
CVE-2021-3547 was published May 24, 2022
Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS... High Unreviewed
CVE-2021-36377 was published May 24, 2022
A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA... High Unreviewed
CVE-2021-1134 was published May 24, 2022
Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in... High Unreviewed
CVE-2020-15732 was published May 24, 2022
A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco... High Unreviewed
CVE-2021-1566 was published May 24, 2022
An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0... High Unreviewed
CVE-2021-24012 was published May 24, 2022
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to... High Unreviewed
CVE-2021-22909 was published May 24, 2022
libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds,... High Unreviewed
CVE-2016-20011 was published May 24, 2022
An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback... High Unreviewed
CVE-2021-32919 was published May 24, 2022
Improper following of a certificate's chain of trust vulnerability in DAP-1880AC firmware version... High Unreviewed
CVE-2021-20695 was published May 24, 2022
HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude... High Unreviewed
CVE-2021-29653 was published May 24, 2022
HashiCorp Vault and Vault Enterprise Cassandra integrations (storage backend and database secrets... High Unreviewed
CVE-2021-27400 was published May 24, 2022
The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux... High Unreviewed
CVE-2021-27899 was published May 24, 2022
Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to... High Unreviewed
CVE-2021-22189 was published May 24, 2022
SaltStack Salt Improper SSL Certificate Validation High
CVE-2020-35662 was published for salt (pip) May 24, 2022
SaltStack Salt Improper Certificate Validation High
CVE-2020-28972 was published for salt (pip) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database