GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,892
Composer 5,066
Erlang 39
GitHub Actions 38
Go 2,704
Maven 6,140
npm 4,328
NuGet 761
pip 4,103
Pub 12
RubyGems 958
Rust 1,064
Swift 45

Unreviewed advisories

All unreviewed 278,868

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

466 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate... Moderate Unreviewed

CVE-2025-32989 was published Jul 10, 2025

Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of... Moderate Unreviewed

CVE-2016-9064 was published May 14, 2022

Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to... Moderate Unreviewed

CVE-2025-30669 was published Nov 13, 2025

A vulnerability was reported in the Lenovo Scanner pro application during an internal security... Moderate Unreviewed

CVE-2025-12047 was published Nov 12, 2025

Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream... Moderate Unreviewed

CVE-2025-12943 was published Nov 11, 2025

This issue was addressed through improved state management. This issue is fixed in Safari 17.4,... Moderate Unreviewed

CVE-2024-23273 was published Mar 8, 2024

A certificate validation issue was addressed. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS... Moderate Unreviewed

CVE-2023-41991 was published Sep 21, 2023

When using Alt-Svc, ALPN did not properly validate certificates when the original server is... Moderate Unreviewed

CVE-2025-0239 was published Jan 7, 2025

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is... Moderate Unreviewed

CVE-2024-25053 was published Jun 29, 2024

The CleverControl employee monitoring software (v11.5.1041.6) fails to validate TLS server... Moderate Unreviewed

CVE-2025-10548 was published Sep 23, 2025

A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is... Moderate Unreviewed

CVE-2025-11633 was published Oct 12, 2025

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic... Moderate Unreviewed

CVE-2020-0601 was published May 24, 2022

A vulnerability was reported in the Lenovo LeCloud client application that, under certain... Moderate Unreviewed

CVE-2025-10699 was published Oct 15, 2025

An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an... Moderate Unreviewed

CVE-2024-5918 was published Nov 14, 2024

Improper Certificate Validation in Checkmk Exchange plugin check-mk-api allows attackers in MitM... Moderate Unreviewed

CVE-2025-58124 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin VMware vSAN allows attackers in MitM... Moderate Unreviewed

CVE-2025-58126 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin Dell Powerscale allows attackers in... Moderate Unreviewed

CVE-2025-58127 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin Freebox v6 agent allows attackers in... Moderate Unreviewed

CVE-2025-58125 was published Aug 28, 2025

Improper Certificate Validation in Checkmk Exchange plugin BGP Monitoring allows attackers in... Moderate Unreviewed

CVE-2025-58123 was published Aug 28, 2025

WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle... Moderate Unreviewed

CVE-2025-58781 was published Sep 12, 2025

An insufficient validation on the server connection endpoint in Netskope Client allows local... Moderate Unreviewed

CVE-2025-0309 was published Aug 14, 2025

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS... Moderate Unreviewed

CVE-2025-33142 was published Aug 14, 2025

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables... Moderate Unreviewed

CVE-2025-2183 was published Aug 13, 2025

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Moderate Unreviewed

CVE-2021-42017 was published Mar 9, 2022

A vulnerability in the meeting-join functionality of Cisco Webex Meetings could have allowed an... Moderate Unreviewed

CVE-2025-20215 was published Aug 6, 2025

Previous1…19 Next

Previous 1 2 3 4 5 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

466 advisories