GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
296 advisories
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow...
High | Unreviewed | CVE-2018-0434 was published May 13, 2022

Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.
High | Unreviewed | CVE-2018-12461 was published May 13, 2022

Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature...
High | Unreviewed | CVE-2018-15784 was published May 13, 2022

IBM Security Guardium EcoSystem 10.5 does not validate, or incorrectly validates, a certificate...
High | Unreviewed | CVE-2018-1509 was published May 13, 2022

A vulnerability has been identified in Siveillance VMS Video for Android (All versions < V12.1a ...
High | Unreviewed | CVE-2018-4849 was published May 13, 2022

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname...
High | Unreviewed | CVE-2018-5462 was published May 13, 2022

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an untrusted SSL certificate...
High | Unreviewed | CVE-2018-5464 was published May 13, 2022

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a self-signed SSL certificate...
High | Unreviewed | CVE-2018-5466 was published May 13, 2022

A vulnerability in the Identity Services Engine (ISE) integration feature of Cisco Prime...
High | Unreviewed | CVE-2019-1659 was published May 13, 2022

A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco...
High | Unreviewed | CVE-2019-1748 was published May 13, 2022

A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5...
High | Unreviewed | CVE-2019-1683 was published May 13, 2022

The (1) update and (2) package-installation features in MODX Revolution 2.5.4-pl and earlier do...
High | Unreviewed | CVE-2017-7322 was published May 13, 2022

When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not...
High | Unreviewed | CVE-2018-8019 was published May 13, 2022

Akerun - Smart Lock Robot App for iOS before 1.2.4 does not verify SSL certificates.
High | Unreviewed | CVE-2016-1148 was published May 13, 2022

Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet...
High | Unreviewed | CVE-2018-1000500 was published May 13, 2022

ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly Signed...
High | Unreviewed | CVE-2018-1000520 was published May 13, 2022

libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no"...
High | Unreviewed | CVE-2017-1000256 was published May 13, 2022

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check...
High | Unreviewed | CVE-2018-8020 was published May 13, 2022

The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be...
High | Unreviewed | CVE-2017-7429 was published May 13, 2022

The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath...
High | Unreviewed | CVE-2017-6594 was published May 13, 2022

iSmartAlarm cube devices have an SSL Certificate Validation Vulnerability.
High | Unreviewed | CVE-2017-7726 was published May 13, 2022

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE...
High | Unreviewed | CVE-2015-0534 was published May 13, 2022

EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing...
High | Unreviewed | CVE-2017-4981 was published May 13, 2022

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
High | Unreviewed | CVE-2018-7234 was published May 13, 2022

An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud...
High | Unreviewed | CVE-2018-4015 was published May 13, 2022