Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

337 advisories

Loading
A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4... High Unreviewed
CVE-2025-44018 was published Nov 24, 2025
A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser... High Unreviewed
CVE-2025-10495 was published Nov 12, 2025
A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 11).... High Unreviewed
CVE-2025-40744 was published Nov 11, 2025
In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data... High Unreviewed
CVE-2025-64685 was published Nov 10, 2025
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to... High Unreviewed
CVE-2024-31871 was published Apr 10, 2024
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. High Unreviewed
CVE-2023-31484 was published Apr 29, 2023
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate... High Unreviewed
CVE-2024-35140 was published May 31, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to... High Unreviewed
CVE-2024-31872 was published Apr 10, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a... High Unreviewed
CVE-2023-43017 was published Feb 7, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an... High Unreviewed
CVE-2023-32330 was published Feb 7, 2024
Certificate length was not properly checked when added to a certificate store. In practice only... High Unreviewed
CVE-2025-1014 was published Feb 4, 2025
When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can... High Unreviewed
CVE-2021-3935 was published May 24, 2022
An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a ... High Unreviewed
CVE-2024-45234 was published Aug 25, 2024
In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of... High Unreviewed
CVE-2023-20963 was published Mar 24, 2023
Active Directory Domain Services Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-26923 was published May 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... High Unreviewed
CVE-2022-20703 was published Feb 11, 2022
Improper certificate validation when connecting to gateways in Devolutions Server 2025.3.2 and... High Unreviewed
CVE-2025-11619 was published Oct 15, 2025
An issue in the native clients for Amazon WorkSpaces Clients when running PCoIP protocol may... High Unreviewed
CVE-2025-0501 was published Jan 15, 2025
An issue in the native clients for Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV... High Unreviewed
CVE-2025-0500 was published Jan 15, 2025
An improper certificate validation vulnerability has been reported to affect several QNAP... High Unreviewed
CVE-2024-48865 was published Dec 6, 2024
An improper certificate validation vulnerability has been reported to affect Qsync Central. If a... High Unreviewed
CVE-2025-30277 was published Aug 29, 2025
An improper certificate validation vulnerability has been reported to affect Qsync Central. If a... High Unreviewed
CVE-2025-30278 was published Aug 29, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If a... High Unreviewed
CVE-2025-33031 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If a... High Unreviewed
CVE-2025-30279 was published Jun 6, 2025
An issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew... High Unreviewed
CVE-2025-50944 was published Sep 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database