GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,374
Composer 4,669
Erlang 34
GitHub Actions 26
Go 2,261
Maven 5,512
npm 3,910
NuGet 704
pip 3,681
Pub 12
RubyGems 916
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,411

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,027 advisories

Filter by severity

Sort by

Least recently updated

Steve doesn’t verify a server’s certificate and is susceptible to man-in-the-middle (MitM) attacks High

CVE-2023-32198 was published for github.com/rancher/stev (Go) Apr 25, 2025

Fleet doesn’t validate a server’s certificate when connecting through SSH Moderate

CVE-2025-23390 was published for github.com/rancher/fleet (Go) Apr 25, 2025

Apache HttpClient disables domain checks High

CVE-2025-27820 was published for org.apache.httpcomponents.client5:httpclient5 (Maven) Apr 24, 2025

BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to... High Unreviewed

CVE-2025-28169 was published Apr 23, 2025

Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An... Low Unreviewed

CVE-2025-26478 was published Apr 17, 2025

HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling... Low Unreviewed

CVE-2024-42193 was published Apr 15, 2025

A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The... Moderate Unreviewed

CVE-2025-30000 was published Apr 8, 2025

An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign... Moderate Unreviewed

CVE-2021-25635 was published Mar 21, 2025

HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle ... Moderate Unreviewed

CVE-2025-0254 was published Mar 20, 2025

Improper certificate validation vulnerability in the update functionality in Synology BeeStation... Moderate Unreviewed

CVE-2024-10445 was published Mar 19, 2025

Improper certificate validation vulnerability in the LDAP utilities in Synology DiskStation... High Unreviewed

CVE-2024-10444 was published Mar 19, 2025

An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below... Moderate Unreviewed

CVE-2023-48785 was published Mar 14, 2025

An improper certificate validation vulnerability [CWE-295] in FortiPortal version 7.4.0, version... Moderate Unreviewed

CVE-2024-40590 was published Mar 14, 2025

Improper Certificate Validation (CWE-295) in the Gallagher Command Centre SALTO integration... High Unreviewed

CVE-2024-41724 was published Mar 10, 2025

Improper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP)... High Unreviewed

CVE-2024-43107 was published Mar 10, 2025

An improper certificate validation vulnerability has been reported to affect Helpdesk. If... High Unreviewed

CVE-2024-50394 was published Mar 7, 2025

An Improper Certificate Validation vulnerability could allow an authenticated malicious actor... Moderate Unreviewed

CVE-2025-23118 was published Mar 1, 2025

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is... High Unreviewed

CVE-2024-55581 was published Feb 27, 2025

SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate... High Unreviewed

CVE-2024-50691 was published Feb 26, 2025

Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the... Moderate Unreviewed

CVE-2025-1001 was published Feb 21, 2025

IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server... Moderate Unreviewed

CVE-2024-49782 was published Feb 20, 2025

Dell BSAFE SSL-J contains an Improper certificate verification vulnerability. A remote attacker... Moderate Unreviewed

CVE-2024-29171 was published Feb 12, 2025

MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's... Moderate Unreviewed

CVE-2025-1002 was published Feb 10, 2025

Improper host validation in the certificate validation component in Devolutions Remote Desktop... High Unreviewed

CVE-2025-1193 was published Feb 10, 2025

Missing certificate validation in Devolutions Remote Desktop Manager on macOS, iOS, Android,... High Unreviewed

CVE-2024-11621 was published Feb 10, 2025

Previous 1 2 3 4 5 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,027 advisories