Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,327
Maven
5,000+
npm
3,960
NuGet
712
pip
3,741
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,050 advisories

Loading
Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before... Moderate Unreviewed
CVE-2025-22459 was published Apr 8, 2025
HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling... Low Unreviewed
CVE-2024-42193 was published Apr 15, 2025
Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An... Low Unreviewed
CVE-2025-26478 was published Apr 17, 2025
BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to... High Unreviewed
CVE-2025-28169 was published Apr 23, 2025
Apache HttpClient disables domain checks High
CVE-2025-27820 was published for org.apache.httpcomponents.client5:httpclient5 (Maven) Apr 24, 2025
Fleet doesn’t validate a server’s certificate when connecting through SSH Moderate
CVE-2025-23390 was published for github.com/rancher/fleet (Go) Apr 25, 2025
Steve doesn’t verify a server’s certificate and is susceptible to man-in-the-middle (MitM) attacks High
CVE-2023-32198 was published for github.com/rancher/steve (Go) Apr 25, 2025
In Modem, there is a possible permission bypass due to improper certificate validation. This... Moderate Unreviewed
CVE-2025-20670 was published May 5, 2025
Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle (MitM)... Moderate Unreviewed
CVE-2025-37730 was published May 6, 2025
IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due... Moderate Unreviewed
CVE-2025-3218 was published May 7, 2025
JRuby-OpenSSL has hostname verification disabled by default Moderate
CVE-2025-46551 was published for org.jruby:jruby (Maven) May 7, 2025
mohamedhafez
A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly... Moderate Unreviewed
CVE-2025-20157 was published May 7, 2025
"This issue is limited to motherboards and does not affect laptops, desktop computers, or other... Critical Unreviewed
CVE-2025-3463 was published May 9, 2025
Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does... Moderate Unreviewed
CVE-2025-32407 was published May 16, 2025
IBM Security ReaQta EDR 3.12 could allow an attacker to spoof a trusted entity by interfering... Moderate Unreviewed
CVE-2023-33861 was published May 20, 2025
IBM Security ReaQta EDR 3.12 could allow an attacker to perform unauthorized actions due to... Moderate Unreviewed
CVE-2024-45641 was published May 20, 2025
Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use... Moderate Unreviewed
CVE-2025-4575 was published May 22, 2025
SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become... High Unreviewed
CVE-2024-13956 was published May 22, 2025
Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin High
CVE-2025-5279 was published for redshift-connector (pip) May 28, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-22486 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29884 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29883 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29885 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If a... High Unreviewed
CVE-2025-30279 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If a... High Unreviewed
CVE-2025-33031 was published Jun 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database