GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
562 advisories
net-ldap Improper Certificate Validation vulnerability
Moderate | CVE-2017-17718 was published for net-ldap (RubyGems) Jan 6, 2018
IBM Security Access Manager 9.0.1 through 9.0.6 does not validate, or incorrectly validates, a...
Moderate | Unreviewed | CVE-2019-4150 was published May 24, 2022
When performing add-on updates, certificate chains terminating in non-built-in-roots were...
Moderate | Unreviewed | CVE-2020-12421 was published May 24, 2022
Improper certificate validation vulnerability in SMTP Client allows man-in-the-middle attack to...
Moderate | Unreviewed | CVE-2021-23167 was published May 24, 2022
Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV...
Moderate | Unreviewed | CVE-2021-26320 was published May 24, 2022
An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS...
Moderate | Unreviewed | CVE-2021-41019 was published May 24, 2022
CFEngine Enterprise 3.15.0 through 3.15.4 has Missing SSL Certificate Validation.
Moderate | Unreviewed | CVE-2021-36756 was published May 24, 2022
IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a...
Moderate | Unreviewed | CVE-2021-20435 was published May 24, 2022
Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by an improper certificate...
Moderate | Unreviewed | CVE-2021-40713 was published May 24, 2022
A certificate validation issue was addressed. This issue is fixed in iOS 14.5 and iPadOS 14.5. An...
Moderate | Unreviewed | CVE-2021-1837 was published May 24, 2022
In GNOME grilo through 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the...
Moderate | Unreviewed | CVE-2021-39365 was published May 24, 2022
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification...
Moderate | Unreviewed | CVE-2021-39358 was published May 24, 2022
In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate...
Moderate | Unreviewed | CVE-2021-39361 was published May 24, 2022
In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on...
Moderate | Unreviewed | CVE-2021-39360 was published May 24, 2022
The AWV component of Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the...
Moderate | Unreviewed | CVE-2021-32069 was published May 24, 2022
Improper Certificate Validation in vt-ldap
Moderate | CVE-2014-3607 was published for edu.internet2.middleware:shibboleth-identityprovider (Maven) May 14, 2022
Emissary-Ingress (formerly Ambassador API Gateway) through 1.13.9 allows attackers to bypass...
Moderate | Unreviewed | CVE-2021-36371 was published May 24, 2022
Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature...
Moderate | Unreviewed | CVE-2021-21571 was published May 24, 2022
The ATOM (ATOM - Smart life App for Android versions prior to 1.8.1 and ATOM - Smart life App for...
Moderate | Unreviewed | CVE-2021-20732 was published May 24, 2022
All versions of GitLab CE/EE starting with 12.8 were affected by an issue in the handling of x509...
Moderate | Unreviewed | CVE-2021-22218 was published May 24, 2022
'Hulu / フールー' App for iOS versions prior to 3.0.81 improperly verifies server certificates, which...
Moderate | Unreviewed | CVE-2022-34156 was published Aug 17, 2022
The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation.
Moderate | Unreviewed | CVE-2021-27189 was published May 24, 2022
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by an information disclosure...
Moderate | Unreviewed | CVE-2020-36127 was published May 24, 2022
Dell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x, 19.3.x, 19.4, and 19.4.0.1 contain an Improper...
Moderate | Unreviewed | CVE-2021-21559 was published May 24, 2022
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber...
Moderate | Unreviewed | CVE-2021-1471 was published May 24, 2022