GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
296 advisories
An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to improperly...
High | Unreviewed | CVE-2019-7728 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13...
High | Unreviewed | CVE-2017-7080 was published May 14, 2022
A certificate validation issue existed in configuration profiles. This was addressed with...
High | Unreviewed | CVE-2018-4436 was published May 14, 2022
The LINE MUSIC for Android version 3.1.0 to versions prior to 3.6.5 does not verify X.509...
High | Unreviewed | CVE-2018-0650 was published May 14, 2022
Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) certificates into the Trusted...
High | Unreviewed | CVE-2018-17612 was published May 14, 2022
The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of...
High | Unreviewed | CVE-2018-16875 was published May 14, 2022
Improper certificate validation in Platform Sample/ Silicon Reference firmware for 8th Generation...
High | Unreviewed | CVE-2018-12205 was published May 13, 2022
An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal...
High | Unreviewed | CVE-2018-10405 was published May 13, 2022
An issue was discovered in F-Secure XFENCE and Little Flocker. A maliciously crafted Universal...
High | Unreviewed | CVE-2018-10403 was published May 13, 2022
An issue was discovered in VirusTotal. A maliciously crafted Universal/fat binary can evade third...
High | Unreviewed | CVE-2018-10408 was published May 13, 2022
An issue was discovered in Objective-See KnockKnock, LuLu, TaskExplorer, WhatsYourSign, and...
High | Unreviewed | CVE-2018-10404 was published May 13, 2022
A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an...
High | Unreviewed | CVE-2017-6664 was published May 13, 2022
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core)...
High | Unreviewed | CVE-2017-3563 was published May 13, 2022
Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to...
High | Unreviewed | CVE-2017-2299 was published May 13, 2022
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it...
High | Unreviewed | CVE-2017-15114 was published May 13, 2022
An issue was discovered in heinekingmedia StashCat before 1.5.18 for Android. No certificate...
High | Unreviewed | CVE-2017-11132 was published May 13, 2022
On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly...
High | Unreviewed | CVE-2016-6562 was published May 13, 2022
It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509...
High | Unreviewed | CVE-2016-7075 was published May 13, 2022
Juniper Networks Junos OS on SRX series devices do not verify the HTTPS server certificate before...
High | Unreviewed | CVE-2017-10620 was published May 13, 2022
IBM QRadar SIEM 7.2.8 and 7.3 does not validate, or incorrectly validates, a certificate. This...
High | Unreviewed | CVE-2017-1622 was published May 13, 2022
It was found that CloudForms does not verify that the server hostname matches the domain name in...
High | Unreviewed | CVE-2017-2639 was published May 13, 2022
Flash Seats Mobile App for Android version 1.7.9 and earlier and for iOS version 1.9.51 and...
High | Unreviewed | CVE-2017-3190 was published May 13, 2022
In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session...
High | Unreviewed | CVE-2017-7468 was published May 13, 2022
A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client...
High | Unreviewed | CVE-2018-0227 was published May 13, 2022
A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS)...
High | Unreviewed | CVE-2018-0277 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.