Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

320 advisories

Loading
An improper certificate validation vulnerability has been reported to affect File Station 5. If a... High Unreviewed
CVE-2025-30279 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29885 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29883 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If a... High Unreviewed
CVE-2025-33031 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-22486 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29884 was published Jun 6, 2025
SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become... High Unreviewed
CVE-2024-13956 was published May 22, 2025
A security vulnerability has been identified in all supported versions of OpenSSL related to the... High Unreviewed
CVE-2023-0464 was published Mar 22, 2023
In UWB Google, there is a possible way for a malicious app to masquerade as system app com... High Unreviewed
CVE-2023-21358 was published Oct 30, 2023
BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to... High Unreviewed
CVE-2025-28169 was published Apr 23, 2025
Pandora iOS app prior to version 8.3.2 fails to properly validate SSL certificates provided by... High Unreviewed
CVE-2017-3194 was published May 13, 2022
Flash Seats Mobile App for Android version 1.7.9 and earlier and for iOS version 1.9.51 and... High Unreviewed
CVE-2017-3190 was published May 13, 2022
libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no"... High Unreviewed
CVE-2017-1000256 was published May 13, 2022
Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of... High Unreviewed
CVE-2017-13083 was published May 13, 2022
On Darwin, user's trust preferences for root certificates were not honored. If the user had a... High Unreviewed
CVE-2017-1000097 was published May 14, 2022
iSmartAlarm cube devices have an SSL Certificate Validation Vulnerability. High Unreviewed
CVE-2017-7726 was published May 13, 2022
Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior... High Unreviewed
CVE-2017-3218 was published May 13, 2022
Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form,... High Unreviewed
CVE-2017-8059 was published May 17, 2022
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core)... High Unreviewed
CVE-2017-3563 was published May 13, 2022
Akerun - Smart Lock Robot App for iOS before 1.2.4 does not verify SSL certificates. High Unreviewed
CVE-2016-1148 was published May 13, 2022
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code... High Unreviewed
CVE-2017-2784 was published May 13, 2022
When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should... High Unreviewed
CVE-2022-34469 was published Dec 22, 2022
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and... High Unreviewed
CVE-2015-8960 was published May 14, 2022
Information disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for... High Unreviewed
CVE-2022-42979 was published Jan 6, 2023
Selfwealth iOS mobile App 3.3.1 is vulnerable to Insecure App Transport Security (ATS) Settings. High Unreviewed
CVE-2023-23131 was published Feb 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database