Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,130 advisories

Loading
Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an... High Unreviewed
CVE-2025-46788 was published Jul 10, 2025
Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could... Moderate Unreviewed
CVE-2025-35983 was published Jul 10, 2025
Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing... Moderate Unreviewed
CVE-2025-48802 was published Jul 8, 2025
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During... High Unreviewed
CVE-2024-31853 was published Jul 8, 2025
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During... High Unreviewed
CVE-2024-31854 was published Jul 8, 2025
Python Swift client is vulnerable to Missing SSL Certificate Check Critical
CVE-2013-6396 was published for python-swiftclient (pip) May 17, 2022
Withdrawn Advisory: Improper Certificate Validation in Apache Qpid Proton High
CVE-2019-0223 was published for org.apache.qpid:proton-j (Maven) May 24, 2022 withdrawn
nhakmiller
Credited to nhakmiller
An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due... High Unreviewed
CVE-2025-34066 was published Jul 1, 2025
Keycloak vulnerable to Improper Certificate Validation Moderate
CVE-2020-35509 was published for org.keycloak:keycloak-core (Maven) Aug 24, 2022
In Yealink YMCS RPS before 2025-05-26, the certificate upload function does not properly validate... Moderate Unreviewed
CVE-2025-52919 was published Jun 22, 2025
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded... High Unreviewed
CVE-2024-23928 was published Jan 31, 2025
An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app... High Unreviewed
CVE-2024-5921 was published Nov 27, 2024
A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate... High Unreviewed
CVE-2025-39205 was published Jun 26, 2025
An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute... Critical Unreviewed
CVE-2025-29331 was published Jun 26, 2025
libcurl accidentally skips the certificate verification for QUIC connections when connecting to a... Moderate Unreviewed
CVE-2025-4947 was published May 28, 2025
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to... Critical Unreviewed
CVE-2025-32878 was published Jun 20, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29885 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29884 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29883 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-22486 was published Jun 6, 2025
Cohesity DataProtect 6.8.1 and 6.6.0d was discovered to have a incorrect access control... Moderate Unreviewed
CVE-2023-33295 was published Jan 19, 2024
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0... Moderate Unreviewed
CVE-2025-36041 was published Jun 15, 2025
An Improper Certificate Validation vulnerability [CWE-295] in FortiOS version 7.6.1 and below,... Moderate Unreviewed
CVE-2025-24471 was published Jun 10, 2025
Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet... High Unreviewed
CVE-2018-1000500 was published May 13, 2022
On 2N Access Unit 2.0 2.31.0.40.5 devices, an attacker can pose as the web relay for a man-in-the... Moderate Unreviewed
CVE-2021-31399 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database