Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,096 advisories

Loading
Keycloak vulnerable to Improper Certificate Validation Moderate
CVE-2020-35509 was published for org.keycloak:keycloak-core (Maven) Aug 24, 2022
An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due... High Unreviewed
CVE-2025-34066 was published Jul 1, 2025
Withdrawn Advisory: Improper Certificate Validation in Apache Qpid Proton High
CVE-2019-0223 was published for org.apache.qpid:proton-j (Maven) May 24, 2022 withdrawn
nhakmiller
Python Swift client is vulnerable to Missing SSL Certificate Check Critical
CVE-2013-6396 was published for python-swiftclient (pip) May 17, 2022
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During... High Unreviewed
CVE-2024-31853 was published Jul 8, 2025
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During... High Unreviewed
CVE-2024-31854 was published Jul 8, 2025
Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing... Moderate Unreviewed
CVE-2025-48802 was published Jul 8, 2025
Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could... Moderate Unreviewed
CVE-2025-35983 was published Jul 10, 2025
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate... Moderate Unreviewed
CVE-2025-32989 was published Jul 10, 2025
Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an... High Unreviewed
CVE-2025-46788 was published Jul 10, 2025
The communication protocol used between client and server had a flaw that could be leveraged to... Moderate Unreviewed
CVE-2025-30024 was published Jul 11, 2025
If a user visited a webpage with an invalid TLS certificate, and granted an exception, the... Critical Unreviewed
CVE-2025-6433 was published Jun 26, 2025
A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4... Moderate Unreviewed
CVE-2025-7095 was published Jul 7, 2025
A certificate verification error in wolfSSL when building with the WOLFSSL_SYS_CA_CERTS and... Critical Unreviewed
CVE-2025-7395 was published Jul 19, 2025
A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA... High Unreviewed
CVE-2021-1134 was published May 24, 2022
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0... Moderate Unreviewed
CVE-2025-36005 was published Jul 25, 2025
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP... Moderate Unreviewed
CVE-2024-8096 was published Sep 11, 2024
libcurl skips the certificate verification for a QUIC connection under certain conditions, when... Moderate Unreviewed
CVE-2024-2379 was published Mar 27, 2024
libcurl supports *pinning* of the server certificate public key for HTTPS transfers. Due to an... Moderate Unreviewed
CVE-2025-5025 was published May 28, 2025
Podman Improper Certificate Validation; machine missing TLS verification High
CVE-2025-6032 was published for github.com/containers/podman/v4 (Go) Jun 25, 2025
Luap99
A vulnerability in the certificate validation of Cisco&nbsp;Expressway-C and Cisco&nbsp... High Unreviewed
CVE-2022-20814 was published Nov 15, 2024
Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability. This vulnerability allows... High Unreviewed
CVE-2025-8476 was published Aug 1, 2025
Hashicorp Vault has Incorrect Validation for Non-CA Certificates Moderate
CVE-2025-6037 was published for github.com/hashicorp/vault (Go) Aug 1, 2025
A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the... Low Unreviewed
CVE-2025-44964 was published Aug 5, 2025
Authentication management vulnerability in the ArkWeb module. Impact: Successful exploitation of... High Unreviewed
CVE-2025-54607 was published Aug 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database