Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

435 advisories

Loading
On 2N Access Unit 2.0 2.31.0.40.5 devices, an attacker can pose as the web relay for a man-in-the... Moderate Unreviewed
CVE-2021-31399 was published May 24, 2022
Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use... Moderate Unreviewed
CVE-2025-4575 was published May 22, 2025
IBM Security ReaQta EDR 3.12 could allow an attacker to perform unauthorized actions due to... Moderate Unreviewed
CVE-2024-45641 was published May 20, 2025
IBM Security ReaQta EDR 3.12 could allow an attacker to spoof a trusted entity by interfering... Moderate Unreviewed
CVE-2023-33861 was published May 20, 2025
Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does... Moderate Unreviewed
CVE-2025-32407 was published May 16, 2025
Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before... Moderate Unreviewed
CVE-2025-22459 was published Apr 8, 2025
A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly... Moderate Unreviewed
CVE-2025-20157 was published May 7, 2025
IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due... Moderate Unreviewed
CVE-2025-3218 was published May 7, 2025
Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle (MitM)... Moderate Unreviewed
CVE-2025-37730 was published May 6, 2025
In Modem, there is a possible permission bypass due to improper certificate validation. This... Moderate Unreviewed
CVE-2025-20670 was published May 5, 2025
Puppet Enterprise 3.7.x and 3.8.0 might allow remote authenticated users to manage certificates... Moderate Unreviewed
CVE-2015-4100 was published May 24, 2022
GitLab 9.4.x before 9.4.2 does not support LDAP SSL certificate verification, but a... Moderate Unreviewed
CVE-2017-17716 was published May 14, 2022
The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu... Moderate Unreviewed
CVE-2016-1252 was published May 13, 2022
Cyberduck before 4.4.4 on Windows does not properly validate X.509 certificate chains, which... Moderate Unreviewed
CVE-2014-2845 was published May 13, 2022
The Zoho Site24x7 Mobile Network Poller application before 1.1.5 for Android does not verify X... Moderate Unreviewed
CVE-2017-14582 was published May 17, 2022
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and... Moderate Unreviewed
CVE-2017-12228 was published May 13, 2022
A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with... Moderate Unreviewed
CVE-2017-7971 was published May 17, 2022
NixOS 17.03 and earlier has an unintended default absence of SSL Certificate Validation for LDAP.... Moderate Unreviewed
CVE-2017-11501 was published May 14, 2022
The "Community State Bank - Lamar Mobile Banking" by Community State Bank - Lamar app 3.0.3 --... Moderate Unreviewed
CVE-2017-9585 was published May 13, 2022
The "PCB Mobile" by Phelps County Bank app 3.0.2 -- aka pcb-mobile/id436891295 for iOS does not... Moderate Unreviewed
CVE-2017-9591 was published May 13, 2022
The "RVCB Mobile" by RVCB Mobile Banking app 3.0.0 -- aka rvcb-mobile/id757928895 for iOS does... Moderate Unreviewed
CVE-2017-9578 was published May 14, 2022
The "CFB Mobile Banking" by Citizens First Bank Wisconsin app 3.0.1 -- aka cfb-mobile-banking... Moderate Unreviewed
CVE-2017-9596 was published May 17, 2022
The "Blue Ridge Bank and Trust Co. Mobile Banking" by Blue Ridge Bank and Trust Co. app 3.0.1 --... Moderate Unreviewed
CVE-2017-9597 was published May 17, 2022
The "Oritani Mobile Banking" by Oritani Bank app 3.0.0 -- aka oritani-mobile-banking/id778851066... Moderate Unreviewed
CVE-2017-9588 was published May 17, 2022
The "FSBY Mobile Banking" by First State Bank of Yoakum TX app 3.0.0 -- aka fsby-mobile-banking... Moderate Unreviewed
CVE-2017-9586 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database