Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,731
Erlang
35
GitHub Actions
29
Go
2,308
Maven
5,000+
npm
3,949
NuGet
711
pip
3,727
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

524 advisories

Loading
Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use... Moderate Unreviewed
CVE-2025-4575 was published May 22, 2025
IBM Security ReaQta EDR 3.12 could allow an attacker to perform unauthorized actions due to... Moderate Unreviewed
CVE-2024-45641 was published May 20, 2025
IBM Security ReaQta EDR 3.12 could allow an attacker to spoof a trusted entity by interfering... Moderate Unreviewed
CVE-2023-33861 was published May 20, 2025
Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does... Moderate Unreviewed
CVE-2025-32407 was published May 16, 2025
A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly... Moderate Unreviewed
CVE-2025-20157 was published May 7, 2025
JRuby-OpenSSL has hostname verification disabled by default Moderate
CVE-2025-46551 was published for org.jruby:jruby (Maven) May 7, 2025
mohamedhafez
IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due... Moderate Unreviewed
CVE-2025-3218 was published May 7, 2025
Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle (MitM)... Moderate Unreviewed
CVE-2025-37730 was published May 6, 2025
In Modem, there is a possible permission bypass due to improper certificate validation. This... Moderate Unreviewed
CVE-2025-20670 was published May 5, 2025
Fleet doesn’t validate a server’s certificate when connecting through SSH Moderate
CVE-2025-23390 was published for github.com/rancher/fleet (Go) Apr 25, 2025
Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before... Moderate Unreviewed
CVE-2025-22459 was published Apr 8, 2025
A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The... Moderate Unreviewed
CVE-2025-30000 was published Apr 8, 2025
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign... Moderate Unreviewed
CVE-2021-25635 was published Mar 21, 2025
HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle ... Moderate Unreviewed
CVE-2025-0254 was published Mar 20, 2025
Improper certificate validation vulnerability in the update functionality in Synology BeeStation... Moderate Unreviewed
CVE-2024-10445 was published Mar 19, 2025
An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below... Moderate Unreviewed
CVE-2023-48785 was published Mar 14, 2025
An improper certificate validation vulnerability [CWE-295] in FortiPortal version 7.4.0, version... Moderate Unreviewed
CVE-2024-40590 was published Mar 14, 2025
An Improper Certificate Validation vulnerability could allow an authenticated malicious actor... Moderate Unreviewed
CVE-2025-23118 was published Mar 1, 2025
Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the... Moderate Unreviewed
CVE-2025-1001 was published Feb 21, 2025
IBM OpenPages with Watson 8.3 and 9.0  could allow a remote attacker to spoof mail server... Moderate Unreviewed
CVE-2024-49782 was published Feb 20, 2025
Dell BSAFE SSL-J contains an Improper certificate verification vulnerability. A remote attacker... Moderate Unreviewed
CVE-2024-29171 was published Feb 12, 2025
MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's... Moderate Unreviewed
CVE-2025-1002 was published Feb 10, 2025
An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured,... Moderate Unreviewed
CVE-2025-23091 was published Feb 1, 2025
This vulnerability allows network-adjacent attackers to compromise transport security on affected... Moderate Unreviewed
CVE-2024-23970 was published Jan 31, 2025
IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the... Moderate Unreviewed
CVE-2023-38009 was published Jan 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database