GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,851
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,494
Maven 5,932
npm 4,129
NuGet 735
pip 3,944
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,474

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

460 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle... Moderate Unreviewed

CVE-2025-58781 was published Sep 12, 2025

Improper Certificate Validation in Checkmk Exchange plugin VMware vSAN allows attackers in MitM... Moderate Unreviewed

CVE-2025-58126 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin BGP Monitoring allows attackers in... Moderate Unreviewed

CVE-2025-58123 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin check-mk-api allows attackers in MitM... Moderate Unreviewed

CVE-2025-58124 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin Freebox v6 agent allows attackers in... Moderate Unreviewed

CVE-2025-58125 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin Dell Powerscale allows attackers in... Moderate Unreviewed

CVE-2025-58127 was published Aug 28, 2025

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS... Moderate Unreviewed

CVE-2025-33142 was published Aug 14, 2025

An insufficient validation on the server connection endpoint in Netskope Client allows local... Moderate Unreviewed

CVE-2025-0309 was published Aug 14, 2025

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables... Moderate Unreviewed

CVE-2025-2183 was published Aug 13, 2025

A vulnerability in the meeting-join functionality of Cisco Webex Meetings could have allowed an... Moderate Unreviewed

CVE-2025-20215 was published Aug 6, 2025

The server identity check mechanism for firmware upgrade performed via command shell is... Moderate Unreviewed

CVE-2025-48393 was published Aug 6, 2025

Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used... Moderate Unreviewed

CVE-2025-2028 was published Aug 6, 2025

IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0... Moderate Unreviewed

CVE-2025-36005 was published Jul 25, 2025

The communication protocol used between client and server had a flaw that could be leveraged to... Moderate Unreviewed

CVE-2025-30024 was published Jul 11, 2025

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate... Moderate Unreviewed

CVE-2025-32989 was published Jul 10, 2025

Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could... Moderate Unreviewed

CVE-2025-35983 was published Jul 10, 2025

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing... Moderate Unreviewed

CVE-2025-48802 was published Jul 8, 2025

A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4... Moderate Unreviewed

CVE-2025-7095 was published Jul 7, 2025

In Yealink YMCS RPS before 2025-05-26, the certificate upload function does not properly validate... Moderate Unreviewed

CVE-2025-52919 was published Jun 22, 2025

IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0... Moderate Unreviewed

CVE-2025-36041 was published Jun 15, 2025

An Improper Certificate Validation vulnerability [CWE-295] in FortiOS version 7.6.1 and below,... Moderate Unreviewed

CVE-2025-24471 was published Jun 10, 2025

libcurl accidentally skips the certificate verification for QUIC connections when connecting to a... Moderate Unreviewed

CVE-2025-4947 was published May 28, 2025

libcurl supports *pinning* of the server certificate public key for HTTPS transfers. Due to an... Moderate Unreviewed

CVE-2025-5025 was published May 28, 2025

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use... Moderate Unreviewed

CVE-2025-4575 was published May 22, 2025

IBM Security ReaQta EDR 3.12 could allow an attacker to perform unauthorized actions due to... Moderate Unreviewed

CVE-2024-45641 was published May 20, 2025

Previous1…19 Next

Previous 1 2 3 4 5 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

460 advisories