GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,992

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

466 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to... Moderate Unreviewed

CVE-2025-30669 was published Nov 13, 2025

A vulnerability was reported in the Lenovo Scanner pro application during an internal security... Moderate Unreviewed

CVE-2025-12047 was published Nov 12, 2025

Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream... Moderate Unreviewed

CVE-2025-12943 was published Nov 11, 2025

A vulnerability was reported in the Lenovo LeCloud client application that, under certain... Moderate Unreviewed

CVE-2025-10699 was published Oct 15, 2025

A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is... Moderate Unreviewed

CVE-2025-11633 was published Oct 12, 2025

The CleverControl employee monitoring software (v11.5.1041.6) fails to validate TLS server... Moderate Unreviewed

CVE-2025-10548 was published Sep 23, 2025

WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle... Moderate Unreviewed

CVE-2025-58781 was published Sep 12, 2025

Improper Certificate Validation in Checkmk Exchange plugin check-mk-api allows attackers in MitM... Moderate Unreviewed

CVE-2025-58124 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin Freebox v6 agent allows attackers in... Moderate Unreviewed

CVE-2025-58125 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin VMware vSAN allows attackers in MitM... Moderate Unreviewed

CVE-2025-58126 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin BGP Monitoring allows attackers in... Moderate Unreviewed

CVE-2025-58123 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin Dell Powerscale allows attackers in... Moderate Unreviewed

CVE-2025-58127 was published Aug 28, 2025

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS... Moderate Unreviewed

CVE-2025-33142 was published Aug 14, 2025

An insufficient validation on the server connection endpoint in Netskope Client allows local... Moderate Unreviewed

CVE-2025-0309 was published Aug 14, 2025

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables... Moderate Unreviewed

CVE-2025-2183 was published Aug 13, 2025

A vulnerability in the meeting-join functionality of Cisco Webex Meetings could have allowed an... Moderate Unreviewed

CVE-2025-20215 was published Aug 6, 2025

The server identity check mechanism for firmware upgrade performed via command shell is... Moderate Unreviewed

CVE-2025-48393 was published Aug 6, 2025

Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used... Moderate Unreviewed

CVE-2025-2028 was published Aug 6, 2025

IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0... Moderate Unreviewed

CVE-2025-36005 was published Jul 25, 2025

The communication protocol used between client and server had a flaw that could be leveraged to... Moderate Unreviewed

CVE-2025-30024 was published Jul 11, 2025

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate... Moderate Unreviewed

CVE-2025-32989 was published Jul 10, 2025

Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could... Moderate Unreviewed

CVE-2025-35983 was published Jul 10, 2025

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing... Moderate Unreviewed

CVE-2025-48802 was published Jul 8, 2025

A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4... Moderate Unreviewed

CVE-2025-7095 was published Jul 7, 2025

In Yealink YMCS RPS before 2025-05-26, the certificate upload function does not properly validate... Moderate Unreviewed

CVE-2025-52919 was published Jun 22, 2025

Previous1…19 Next

Previous 1 2 3 4 5 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

466 advisories