GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,888
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,500
Maven 5,941
npm 4,147
NuGet 735
pip 3,948
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,561

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

889 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew... High Unreviewed

CVE-2025-50944 was published Sep 15, 2025

WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle... Moderate Unreviewed

CVE-2025-58781 was published Sep 12, 2025

2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle... High Unreviewed

CVE-2024-47258 was published Feb 6, 2025

An improper certificate validation vulnerability has been reported to affect Qsync Central. If a... High Unreviewed

CVE-2025-30277 was published Aug 29, 2025

An improper certificate validation vulnerability has been reported to affect Qsync Central. If a... High Unreviewed

CVE-2025-30278 was published Aug 29, 2025

Improper Certificate Validation in Checkmk Exchange plugin check-mk-api allows attackers in MitM... Moderate Unreviewed

CVE-2025-58124 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin Freebox v6 agent allows attackers in... Moderate Unreviewed

CVE-2025-58125 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin VMware vSAN allows attackers in MitM... Moderate Unreviewed

CVE-2025-58126 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin BGP Monitoring allows attackers in... Moderate Unreviewed

CVE-2025-58123 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin Dell Powerscale allows attackers in... Moderate Unreviewed

CVE-2025-58127 was published Aug 28, 2025

A malicious client can bypass the client certificate trust check of an opc.https server when the... Critical Unreviewed

CVE-2025-7390 was published Aug 21, 2025

An insufficient validation on the server connection endpoint in Netskope Client allows local... Moderate Unreviewed

CVE-2025-0309 was published Aug 14, 2025

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS... Moderate Unreviewed

CVE-2025-33142 was published Aug 14, 2025

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables... Moderate Unreviewed

CVE-2025-2183 was published Aug 13, 2025

F5 Access for Android before version 3.1.2 which uses HTTPS does not verify the remote endpoint... High Unreviewed

CVE-2025-54809 was published Aug 13, 2025

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Moderate Unreviewed

CVE-2021-42017 was published Mar 9, 2022

A TLS vulnerability exists in the phone application used to manage a connected device. The phone... High Unreviewed

CVE-2025-8393 was published Aug 8, 2025

A vulnerability in the meeting-join functionality of Cisco Webex Meetings could have allowed an... Moderate Unreviewed

CVE-2025-20215 was published Aug 6, 2025

The server identity check mechanism for firmware upgrade performed via command shell is... Moderate Unreviewed

CVE-2025-48393 was published Aug 6, 2025

Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used... Moderate Unreviewed

CVE-2025-2028 was published Aug 6, 2025

Authentication management vulnerability in the ArkWeb module. Impact: Successful exploitation of... High Unreviewed

CVE-2025-54607 was published Aug 6, 2025

A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the... Low Unreviewed

CVE-2025-44964 was published Aug 5, 2025

Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability. This vulnerability allows... High Unreviewed

CVE-2025-8476 was published Aug 1, 2025

A vulnerability in the certificate validation of Cisco Expressway-C and Cisco&nbsp... High Unreviewed

CVE-2022-20814 was published Nov 15, 2024

libcurl supports *pinning* of the server certificate public key for HTTPS transfers. Due to an... Moderate Unreviewed

CVE-2025-5025 was published May 28, 2025

Previous1…36 Next

Previous 1 2 3 4 5 … 35 36 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

889 advisories