Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,007 advisories

Loading
An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below... Moderate Unreviewed
CVE-2023-48785 was published Mar 14, 2025
An improper certificate validation vulnerability [CWE-295] in FortiPortal version 7.4.0, version... Moderate Unreviewed
CVE-2024-40590 was published Mar 14, 2025
Improper Certificate Validation (CWE-295) in the Gallagher Command Centre SALTO integration... High Unreviewed
CVE-2024-41724 was published Mar 10, 2025
Improper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP)... High Unreviewed
CVE-2024-43107 was published Mar 10, 2025
An improper certificate validation vulnerability has been reported to affect Helpdesk. If... High Unreviewed
CVE-2024-50394 was published Mar 7, 2025
An Improper Certificate Validation vulnerability could allow an authenticated malicious actor... Moderate Unreviewed
CVE-2025-23118 was published Mar 1, 2025
When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is... High Unreviewed
CVE-2024-55581 was published Feb 27, 2025
SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate... High Unreviewed
CVE-2024-50691 was published Feb 26, 2025
Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the... Moderate Unreviewed
CVE-2025-1001 was published Feb 21, 2025
IBM OpenPages with Watson 8.3 and 9.0  could allow a remote attacker to spoof mail server... Moderate Unreviewed
CVE-2024-49782 was published Feb 20, 2025
Dell BSAFE SSL-J contains an Improper certificate verification vulnerability. A remote attacker... Moderate Unreviewed
CVE-2024-29171 was published Feb 12, 2025
MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's... Moderate Unreviewed
CVE-2025-1002 was published Feb 10, 2025
Improper host validation in the certificate validation component in Devolutions Remote Desktop... High Unreviewed
CVE-2025-1193 was published Feb 10, 2025
Missing certificate validation in Devolutions Remote Desktop Manager on macOS, iOS, Android,... High Unreviewed
CVE-2024-11621 was published Feb 10, 2025
A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute... Critical Unreviewed
CVE-2025-23114 was published Feb 5, 2025
Certificate length was not properly checked when added to a certificate store. In practice only... High Unreviewed
CVE-2025-1014 was published Feb 4, 2025
An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured,... Moderate Unreviewed
CVE-2025-23091 was published Feb 1, 2025
This vulnerability allows network-adjacent attackers to compromise transport security on affected... Moderate Unreviewed
CVE-2024-23970 was published Jan 31, 2025
IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the... Moderate Unreviewed
CVE-2023-38009 was published Jan 26, 2025
ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An... Critical Unreviewed
CVE-2024-52329 was published Jan 23, 2025
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated... Critical Unreviewed
CVE-2024-52330 was published Jan 23, 2025
BigFix Patch Download Plug-ins are affected by an insecure protocol support. The application can... Low Unreviewed
CVE-2024-42186 was published Jan 23, 2025
An issue in the native clients for Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV... High Unreviewed
CVE-2025-0500 was published Jan 15, 2025
An issue in the native clients for Amazon WorkSpaces Clients when running PCoIP protocol may... High Unreviewed
CVE-2025-0501 was published Jan 15, 2025
An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private... Moderate Unreviewed
CVE-2024-54849 was published Jan 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database