Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
37
Go
2,526
Maven
5,000+
npm
4,189
NuGet
742
pip
3,968
Pub
12
RubyGems
947
Rust
1,030
Swift
39
Unreviewed advisories
All unreviewed
5,000+

429 advisories

Loading
DragonFly's manager generates mTLS certificates for arbitrary IP addresses High
CVE-2025-59353 was published for d7y.io/dragonfly/v2 (Go) Sep 17, 2025
gaius-qi
An issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew... High Unreviewed
CVE-2025-50944 was published Sep 15, 2025
An improper certificate validation vulnerability has been reported to affect Qsync Central. If a... High Unreviewed
CVE-2025-30277 was published Aug 29, 2025
An improper certificate validation vulnerability has been reported to affect Qsync Central. If a... High Unreviewed
CVE-2025-30278 was published Aug 29, 2025
F5 Access for Android before version 3.1.2 which uses HTTPS does not verify the remote endpoint... High Unreviewed
CVE-2025-54809 was published Aug 13, 2025
A TLS vulnerability exists in the phone application used to manage a connected device. The phone... High Unreviewed
CVE-2025-8393 was published Aug 8, 2025
Authentication management vulnerability in the ArkWeb module. Impact: Successful exploitation of... High Unreviewed
CVE-2025-54607 was published Aug 6, 2025
Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability. This vulnerability allows... High Unreviewed
CVE-2025-8476 was published Aug 1, 2025
1Panel agent certificate verification bypass leading to arbitrary command execution High
CVE-2025-54424 was published for github.com/1Panel-dev/1Panel/core (Go) Aug 1, 2025
lizicoco
Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an... High Unreviewed
CVE-2025-46788 was published Jul 10, 2025
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During... High Unreviewed
CVE-2024-31853 was published Jul 8, 2025
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During... High Unreviewed
CVE-2024-31854 was published Jul 8, 2025
An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due... High Unreviewed
CVE-2025-34066 was published Jul 1, 2025
A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate... High Unreviewed
CVE-2025-39205 was published Jun 26, 2025
Podman Improper Certificate Validation; machine missing TLS verification High
CVE-2025-6032 was published for github.com/containers/podman/v4 (Go) Jun 25, 2025
Luap99
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29885 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29884 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-29883 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If a... High Unreviewed
CVE-2025-30279 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If a... High Unreviewed
CVE-2025-33031 was published Jun 6, 2025
An improper certificate validation vulnerability has been reported to affect File Station 5. If... High Unreviewed
CVE-2025-22486 was published Jun 6, 2025
Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin High
CVE-2025-5279 was published for redshift-connector (pip) May 28, 2025
girotomas
SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become... High Unreviewed
CVE-2024-13956 was published May 22, 2025
Steve doesn’t verify a server’s certificate and is susceptible to man-in-the-middle (MitM) attacks High
CVE-2023-32198 was published for github.com/rancher/steve (Go) Apr 25, 2025
Apache HttpClient disables domain checks High
CVE-2025-27820 was published for org.apache.httpcomponents.client5:httpclient5 (Maven) Apr 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database