GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
524 advisories
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and...
Moderate
Unreviewed
CVE-2015-3152
was published
May 14, 2022
Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes...
Moderate
Unreviewed
CVE-2009-3046
was published
May 2, 2022
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2...
Moderate
Unreviewed
CVE-2008-4989
was published
May 14, 2022
A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The...
Moderate
Unreviewed
CVE-2025-30000
was published
Apr 8, 2025
TP-Link Tether versions prior to 4.5.13 and TP-Link Tapo versions prior to 3.3.6 do not properly...
Moderate
Unreviewed
CVE-2024-31340
was published
May 22, 2024
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6...
Moderate
Unreviewed
CVE-2009-2409
was published
May 2, 2022
BTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate.
Moderate
Unreviewed
CVE-2022-46496
was published
Feb 7, 2023
Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0...
Moderate
Unreviewed
CVE-2023-22367
was published
Feb 13, 2023
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign...
Moderate
Unreviewed
CVE-2021-25635
was published
Mar 21, 2025
HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle ...
Moderate
Unreviewed
CVE-2025-0254
was published
Mar 20, 2025
Improper certificate validation vulnerability in the update functionality in Synology BeeStation...
Moderate
Unreviewed
CVE-2024-10445
was published
Mar 19, 2025
The libcurl CURLOPT_SSL_VERIFYPEER option was disabled on a subset of requests made by Nest...
Moderate
Unreviewed
CVE-2024-32928
was published
Aug 19, 2024
An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below...
Moderate
Unreviewed
CVE-2023-48785
was published
Mar 14, 2025
An improper certificate validation vulnerability [CWE-295] in FortiPortal version 7.4.0, version...
Moderate
Unreviewed
CVE-2024-40590
was published
Mar 14, 2025
An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured,...
Moderate
Unreviewed
CVE-2025-23091
was published
Feb 1, 2025
An issue was discovered in filestash v0.4. The usage of the ssh.InsecureIgnoreHostKey() disables...
Moderate
Unreviewed
CVE-2024-41258
was published
Jul 31, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server...
Moderate
Unreviewed
CVE-2024-49782
was published
Feb 20, 2025
An Improper Certificate Validation vulnerability could allow an authenticated malicious actor...
Moderate
Unreviewed
CVE-2025-23118
was published
Mar 1, 2025
Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the...
Moderate
Unreviewed
CVE-2025-1001
was published
Feb 21, 2025
The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate...
Moderate
Unreviewed
CVE-2023-0466
was published
Mar 28, 2023
Applications that use a non-default option when verifying certificates may be vulnerable to an...
Moderate
Unreviewed
CVE-2023-0465
was published
Mar 28, 2023
Dell BSAFE SSL-J contains an Improper certificate verification vulnerability. A remote attacker...
Moderate
Unreviewed
CVE-2024-29171
was published
Feb 12, 2025
Allegro Tech BigFlow vulnerable to Missing SSL Certificate Validation
Moderate
CVE-2023-25392
was published
for bigflow (pip)
Apr 10, 2023
MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's...
Moderate
Unreviewed
CVE-2025-1002
was published
Feb 10, 2025
This vulnerability allows network-adjacent attackers to compromise transport security on affected...
Moderate
Unreviewed
CVE-2024-23970
was published
Jan 31, 2025