GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
756 advisories
Filter by severity
A vulnerability was found in Hualai Xiaofang iSC5 3.2.2_112 and classified as problematic....
Low
Unreviewed
CVE-2024-4062
was published
Apr 23, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive...
Low
Unreviewed
CVE-2023-37397
was published
Apr 19, 2024
A vulnerability classified as critical has been found in cym1102 nginxWebUI up to 3.9.9. This...
High
Unreviewed
CVE-2024-3738
was published
Apr 13, 2024
IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to...
Moderate
Unreviewed
CVE-2023-50949
was published
Apr 11, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to...
High
Unreviewed
CVE-2024-31872
was published
Apr 10, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to...
High
Unreviewed
CVE-2024-31871
was published
Apr 10, 2024
PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability....
High
Unreviewed
CVE-2024-27323
was published
Apr 2, 2024
The Toyoko Inn official App for iOS versions prior to 1.13.0 and Toyoko Inn official App for...
Moderate
Unreviewed
CVE-2024-27440
was published
Mar 13, 2024
Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer...
High
Unreviewed
CVE-2024-1351
was published
Mar 7, 2024
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0...
Moderate
Unreviewed
CVE-2023-47742
was published
Mar 3, 2024
In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted...
High
Unreviewed
CVE-2023-40104
was published
Feb 16, 2024
An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2...
Moderate
Unreviewed
CVE-2023-47537
was published
Feb 15, 2024
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can...
High
Unreviewed
CVE-2024-25642
was published
Feb 13, 2024
IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.6 products...
Moderate
Unreviewed
CVE-2023-47700
was published
Feb 7, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an...
High
Unreviewed
CVE-2023-32330
was published
Feb 7, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a...
High
Unreviewed
CVE-2023-43017
was published
Feb 7, 2024
A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under...
Critical
Unreviewed
CVE-2024-25140
was published
Feb 6, 2024
curl inadvertently kept the SSL session ID for connections in its cache even when the verify...
Moderate
Unreviewed
CVE-2024-0853
was published
Feb 3, 2024
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,...
High
Unreviewed
CVE-2020-29504
was published
Feb 2, 2024
In Zscaler Internet Access (ZIA) a mismatch between Connect Host and Client Hello's Server Name...
Moderate
Unreviewed
CVE-2023-28807
was published
Jan 31, 2024
SSL connections to NOVELL and Synology LDAP server are vulnerable to a man-in-the-middle attack...
Critical
Unreviewed
CVE-2023-50356
was published
Jan 31, 2024
A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and...
Moderate
Unreviewed
CVE-2023-33757
was published
Jan 25, 2024
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate....
Moderate
Unreviewed
CVE-2023-33760
was published
Jan 25, 2024
A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local...
High
Unreviewed
CVE-2023-6043
was published
Jan 19, 2024
Improper validation of the server’s certificate chain in secure traffic scanning feature...
High
Unreviewed
CVE-2023-5594
was published
Dec 21, 2023
ProTip!
Advisories are also available from the
GraphQL API