Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,701
Maven
5,000+
npm
4,328
NuGet
761
pip
4,103
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+

96 advisories

Loading
Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate... Critical Unreviewed
CVE-2025-56231 was published Nov 5, 2025
An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP... Critical Unreviewed
CVE-2019-20461 was published Nov 7, 2024
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... Critical Unreviewed
CVE-2025-34235 was published Sep 29, 2025
fs2-io skips mTLS client verification Critical
CVE-2022-31183 was published for co.fs2:fs2-io (Maven) Jul 29, 2022
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1049 and... Critical Unreviewed
CVE-2025-34199 was published Sep 19, 2025
MicroWorld eScan AV's update mechanism failed to ensure authenticity and integrity of updates:... Critical Unreviewed
CVE-2024-13990 was published Sep 19, 2025
An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0... Critical Unreviewed
CVE-2025-55109 was published Sep 16, 2025
A malicious client can bypass the client certificate trust check of an opc.https server when the... Critical Unreviewed
CVE-2025-7390 was published Aug 21, 2025
A certificate verification error in wolfSSL when building with the WOLFSSL_SYS_CA_CERTS and... Critical Unreviewed
CVE-2025-7395 was published Jul 19, 2025
If a user visited a webpage with an invalid TLS certificate, and granted an exception, the... Critical Unreviewed
CVE-2025-6433 was published Jun 26, 2025
Python Swift client is vulnerable to Missing SSL Certificate Check Critical
CVE-2013-6396 was published for python-swiftclient (pip) May 17, 2022
An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute... Critical Unreviewed
CVE-2025-29331 was published Jun 26, 2025
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to... Critical Unreviewed
CVE-2025-32878 was published Jun 20, 2025
"This issue is limited to motherboards and does not affect laptops, desktop computers, or other... Critical Unreviewed
CVE-2025-3463 was published May 9, 2025
Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860... Critical Unreviewed
CVE-2024-41334 was published Feb 27, 2025
A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL... Critical Unreviewed
CVE-2017-2800 was published May 13, 2022
A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute... Critical Unreviewed
CVE-2025-23114 was published Feb 5, 2025
OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password... Critical Unreviewed
CVE-2022-35898 was published May 1, 2023
An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration... Critical Unreviewed
CVE-2023-27823 was published May 12, 2023
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated... Critical Unreviewed
CVE-2024-52330 was published Jan 23, 2025
ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An... Critical Unreviewed
CVE-2024-52329 was published Jan 23, 2025
Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager ... Critical Unreviewed
CVE-2020-27648 was published May 24, 2022
python-scciclient vulnerable to Man-in-the-middle (MITM) attacks Critical
CVE-2022-2996 was published for python-scciclient (pip) Sep 2, 2022
Improper Certificate Validation in Twisted Critical
CVE-2019-12855 was published for twisted (pip) Aug 16, 2019
splunk-sdk does not properly verify untrusted TLS server certificates Critical
CVE-2019-5729 was published for splunk-sdk (pip) Mar 25, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database