GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
955 advisories
Filter by severity
Improper Certificate Validation in node-sass affects eZ Platform
Moderate
GHSA-6v6p-g8cg-2hgg
was published
for
ezsystems/ezplatform-admin-ui
(Composer)
Apr 1, 2022
WeeChat (aka Wee Enhanced Environment for Chat) 3.2 to 3.4 before 3.4.1 does not properly verify...
Moderate
Unreviewed
CVE-2022-28352
was published
Apr 3, 2022
In A-GPS, there is a possible man in the middle attack due to improper certificate validation....
Moderate
Unreviewed
CVE-2022-20081
was published
Apr 12, 2022
In ccu, there is a possible escalation of privilege due to a missing certificate validation. This...
Moderate
Unreviewed
CVE-2022-20071
was published
Apr 12, 2022
Improper Certificate Validation
High
CVE-2017-11770
was published
for
Microsoft.NETCore.App
(NuGet)
Apr 12, 2022
Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated...
High
Unreviewed
CVE-2022-22549
was published
Apr 13, 2022
Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when...
High
Unreviewed
CVE-2022-27536
was published
Apr 21, 2022
A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates...
Moderate
Unreviewed
CVE-2007-5967
was published
Apr 21, 2022
Mercurial Improper Certificate Validation vulnerability
Moderate
CVE-2010-4237
was published
for
mercurial
(pip)
Apr 21, 2022
dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to...
Moderate
Unreviewed
CVE-2011-2207
was published
Apr 22, 2022
Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of...
Moderate
Unreviewed
CVE-2011-2669
was published
Apr 22, 2022
Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08...
Moderate
Unreviewed
CVE-2021-3898
was published
Apr 23, 2022
nuSOAP before 0.7.3-5 does not properly check the hostname of a cert.
High
Unreviewed
CVE-2012-6071
was published
Apr 23, 2022
vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from...
High
Unreviewed
CVE-2012-5518
was published
Apr 23, 2022
Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead...
Moderate
Unreviewed
CVE-2012-1316
was published
Apr 23, 2022
software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS...
High
Unreviewed
CVE-2012-0955
was published
Apr 23, 2022
X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01...
High
Unreviewed
CVE-2003-1229
was published
Apr 29, 2022
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust...
High
Unreviewed
CVE-2002-0862
was published
Apr 30, 2022
The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates...
Moderate
Unreviewed
CVE-2005-3170
was published
May 1, 2022
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before...
Moderate
Unreviewed
CVE-2009-2408
was published
May 2, 2022
Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes...
Moderate
Unreviewed
CVE-2009-3046
was published
May 2, 2022
Apache Tomcat affected by vulnerability in TLS and SSL protocol
Moderate
CVE-2009-3555
was published
for
org.apache.tomcat:tomcat
(Maven)
May 2, 2022
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is...
Moderate
Unreviewed
CVE-2009-3767
was published
May 2, 2022
Cerulean Studios Trillian 3.1 Basic does not check SSL certificates during MSN authentication,...
Moderate
Unreviewed
CVE-2009-4831
was published
May 2, 2022
OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows...
High
Unreviewed
CVE-2010-1378
was published
May 2, 2022
ProTip!
Advisories are also available from the
GraphQL API