Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,731
Erlang
35
GitHub Actions
29
Go
2,308
Maven
5,000+
npm
3,949
NuGet
711
pip
3,727
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

407 advisories

Loading
Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin High
CVE-2025-5279 was published for redshift-connector (pip) May 28, 2025
SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become... High Unreviewed
CVE-2024-13956 was published May 22, 2025
Steve doesn’t verify a server’s certificate and is susceptible to man-in-the-middle (MitM) attacks High
CVE-2023-32198 was published for github.com/rancher/steve (Go) Apr 25, 2025
Apache HttpClient disables domain checks High
CVE-2025-27820 was published for org.apache.httpcomponents.client5:httpclient5 (Maven) Apr 24, 2025
BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to... High Unreviewed
CVE-2025-28169 was published Apr 23, 2025
Improper certificate validation vulnerability in the LDAP utilities in Synology DiskStation... High Unreviewed
CVE-2024-10444 was published Mar 19, 2025
Improper Certificate Validation (CWE-295) in the Gallagher Command Centre SALTO integration... High Unreviewed
CVE-2024-41724 was published Mar 10, 2025
Improper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP)... High Unreviewed
CVE-2024-43107 was published Mar 10, 2025
An improper certificate validation vulnerability has been reported to affect Helpdesk. If... High Unreviewed
CVE-2024-50394 was published Mar 7, 2025
When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is... High Unreviewed
CVE-2024-55581 was published Feb 27, 2025
SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate... High Unreviewed
CVE-2024-50691 was published Feb 26, 2025
Improper host validation in the certificate validation component in Devolutions Remote Desktop... High Unreviewed
CVE-2025-1193 was published Feb 10, 2025
Missing certificate validation in Devolutions Remote Desktop Manager on macOS, iOS, Android,... High Unreviewed
CVE-2024-11621 was published Feb 10, 2025
Certificate length was not properly checked when added to a certificate store. In practice only... High Unreviewed
CVE-2025-1014 was published Feb 4, 2025
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded... High Unreviewed
CVE-2024-23928 was published Jan 31, 2025
An issue in the native clients for Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV... High Unreviewed
CVE-2025-0500 was published Jan 15, 2025
An issue in the native clients for Amazon WorkSpaces Clients when running PCoIP protocol may... High Unreviewed
CVE-2025-0501 was published Jan 15, 2025
Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow... High Unreviewed
CVE-2024-54848 was published Jan 10, 2025
IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized... High Unreviewed
CVE-2024-40702 was published Jan 7, 2025
TCPDF missing certificate validation High
CVE-2024-56521 was published for tecnickcom/tcpdf (Composer) Dec 27, 2024
An improper validation vulnerability was reported in the firmware update mechanism of LADM and... High Unreviewed
CVE-2024-4762 was published Dec 16, 2024
An improper certificate validation vulnerability was reported in LADM that could allow a network... High Unreviewed
CVE-2024-6001 was published Dec 16, 2024
djoser Authentication Bypass High
CVE-2024-21543 was published for djoser (pip) Dec 13, 2024
An improper certificate validation vulnerability has been reported to affect several QNAP... High Unreviewed
CVE-2024-48865 was published Dec 6, 2024
An Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point ... High Unreviewed
CVE-2024-45205 was published Dec 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database