Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,801
Erlang
36
GitHub Actions
29
Go
2,382
Maven
5,000+
npm
4,011
NuGet
720
pip
3,810
Pub
12
RubyGems
930
Rust
987
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,068 advisories

Loading
The communication protocol used between client and server had a flaw that could be leveraged to... Moderate Unreviewed
CVE-2025-30024 was published Jul 11, 2025
Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an... High Unreviewed
CVE-2025-46788 was published Jul 10, 2025
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate... Moderate Unreviewed
CVE-2025-32989 was published Jul 10, 2025
Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could... Moderate Unreviewed
CVE-2025-35983 was published Jul 10, 2025
Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing... Moderate Unreviewed
CVE-2025-48802 was published Jul 8, 2025
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During... High Unreviewed
CVE-2024-31854 was published Jul 8, 2025
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During... High Unreviewed
CVE-2024-31853 was published Jul 8, 2025
An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due... High Unreviewed
CVE-2025-34066 was published Jul 1, 2025
If a user visited a webpage with an invalid TLS certificate, and granted an exception, the... Critical Unreviewed
CVE-2025-6433 was published Jun 26, 2025
A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate... High Unreviewed
CVE-2025-39205 was published Jun 26, 2025
An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute... Critical Unreviewed
CVE-2025-29331 was published Jun 26, 2025
Podman Improper Certificate Validation; machine missing TLS verification High
CVE-2025-6032 was published for github.com/containers/podman/v4 (Go) Jun 25, 2025
Luap99
In Yealink YMCS RPS before 2025-05-26, the certificate upload function does not properly validate... Moderate Unreviewed
CVE-2025-52919 was published Jun 22, 2025
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to... Critical Unreviewed
CVE-2025-32878 was published Jun 20, 2025
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0... Moderate Unreviewed
CVE-2025-36041 was published Jun 15, 2025
An Improper Certificate Validation vulnerability [CWE-295] in FortiOS version 7.6.1 and below,... Moderate Unreviewed
CVE-2025-24471 was published Jun 10, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If a... High Unreviewed
CVE-2025-30279 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If a... High Unreviewed
CVE-2025-33031 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29885 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29883 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29884 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-22486 was published Jun 6, 2025
Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin High
CVE-2025-5279 was published for redshift-connector (pip) May 28, 2025
girotomas
libcurl accidentally skips the certificate verification for QUIC connections when connecting to a... Moderate Unreviewed
CVE-2025-4947 was published May 28, 2025
SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become... High Unreviewed
CVE-2024-13956 was published May 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database