Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

367 advisories

Loading
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality... High Unreviewed
CVE-2023-49570 was published Oct 18, 2024
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality... High Unreviewed
CVE-2023-6055 was published Oct 18, 2024
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning... High Unreviewed
CVE-2023-49567 was published Oct 18, 2024
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality... High Unreviewed
CVE-2023-6056 was published Oct 18, 2024
A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The... High Unreviewed
CVE-2023-6058 was published Oct 18, 2024
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality... High Unreviewed
CVE-2023-6057 was published Oct 18, 2024
Agent Dart is missing certificate verification checks High
CVE-2024-48915 was published for agent_dart (Pub) Oct 15, 2024
AlexV525
Windows Secure Channel Spoofing Vulnerability High Unreviewed
CVE-2024-43550 was published Oct 8, 2024
SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS... High Unreviewed
CVE-2024-7206 was published Oct 8, 2024
Rancher agents can be hijacked by taking over the Rancher Server URL High
CVE-2024-22030 was published for github.com/rancher/rancher (Go) Sep 26, 2024
The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024... High Unreviewed
CVE-2024-43201 was published Sep 23, 2024
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS... High Unreviewed
CVE-2024-8287 was published Sep 18, 2024
An improper certificate validation vulnerability in TLS certificate validation allows an attacker... High Unreviewed
CVE-2024-40714 was published Sep 7, 2024
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an... High Unreviewed
CVE-2024-41996 was published Aug 26, 2024
A flaw was found in the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an... High Unreviewed
CVE-2024-8007 was published Aug 21, 2024
Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and... High Unreviewed
CVE-2024-7570 was published Aug 13, 2024
Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed... High Unreviewed
CVE-2024-6472 was published Aug 5, 2024
Filestash skips TLS certificate verification process when sending out email verification codes High
CVE-2024-41256 was published for github.com/mickael-kerjean/filestash (Go) Jul 31, 2024
Beego privilege escalation vulnerability High
CVE-2024-40464 was published for github.com/beego/beego/v2 (Go) Jul 31, 2024
Filestash configured to skip TLS certificate verification when using the FTPS protocol High
CVE-2024-41255 was published for github.com/mickael-kerjean/filestash (Go) Jul 31, 2024
The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the... High Unreviewed
CVE-2024-28872 was published Jul 11, 2024
An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3... High Unreviewed
CVE-2023-50178 was published Jul 9, 2024
electron-updater Code Signing Bypass on Windows High
CVE-2024-39698 was published for electron-updater (npm) Jul 9, 2024
mmaietta thomas-chauchefoin-bentley-systems
eb-bsi
A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism... High Unreviewed
CVE-2024-28021 was published Jun 11, 2024
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate... High Unreviewed
CVE-2024-35140 was published May 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database