GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,324
Composer 4,360
Erlang 33
GitHub Actions 22
Go 2,127
Maven 5,308
npm 3,793
NuGet 683
pip 3,471
Pub 12
RubyGems 894
Rust 894
Swift 38

Unreviewed advisories

All unreviewed 244,779

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

412 advisories

Filter by severity

Sort by

Least recently updated

Dell BSAFE SSL-J contains an Improper certificate verification vulnerability. A remote attacker... Moderate Unreviewed

CVE-2024-29171 was published Feb 12, 2025

MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's... Moderate Unreviewed

CVE-2025-1002 was published Feb 10, 2025

This vulnerability allows network-adjacent attackers to compromise transport security on affected... Moderate Unreviewed

CVE-2024-23970 was published Jan 31, 2025

IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the... Moderate Unreviewed

CVE-2023-38009 was published Jan 26, 2025

An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports... Moderate Unreviewed

CVE-2023-28321 was published May 26, 2023

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to access the Diffie-Hellman (DH)... Moderate Unreviewed

CVE-2024-54847 was published Jan 10, 2025

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private... Moderate Unreviewed

CVE-2024-54849 was published Jan 10, 2025

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and... Moderate Unreviewed

CVE-2024-54846 was published Jan 10, 2025

When using Alt-Svc, ALPN did not properly validate certificates when the original server is... Moderate Unreviewed

CVE-2025-0239 was published Jan 7, 2025

A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for... Moderate Unreviewed

CVE-2025-20126 was published Jan 8, 2025

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a... Moderate Unreviewed

CVE-2024-47119 was published Dec 18, 2024

Improper Certificate Validation in Checkmk Exchange plugin MikroTik allows attackers in MitM... Moderate Unreviewed

CVE-2024-38861 was published Sep 27, 2024

The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates... Moderate Unreviewed

CVE-2005-3170 was published May 1, 2022

A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software... Moderate Unreviewed

CVE-2020-3557 was published May 24, 2022

A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack. Moderate Unreviewed

CVE-2020-8156 was published May 24, 2022

An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an... Moderate Unreviewed

CVE-2024-5918 was published Nov 14, 2024

HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable. Moderate Unreviewed

CVE-2024-30149 was published Oct 31, 2024

A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to... Moderate Unreviewed

CVE-2024-28067 was published Jul 9, 2024

This issue was addressed through improved state management. This issue is fixed in Safari 17.4,... Moderate Unreviewed

CVE-2024-23273 was published Mar 8, 2024

An issue was discovered in Samsung eMMC with KLMAG2GE4A and KLM8G1WEMB firmware. Code bypass... Moderate Unreviewed

CVE-2024-31955 was published Oct 15, 2024

IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the... Moderate Unreviewed

CVE-2024-43177 was published Oct 22, 2024

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper... Moderate Unreviewed

CVE-2024-47241 was published Oct 18, 2024

A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard Orchestrator (NDO) could... Moderate Unreviewed

CVE-2024-20385 was published Oct 2, 2024

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server... Moderate Unreviewed

CVE-2024-38324 was published Sep 25, 2024

In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered. Moderate Unreviewed

CVE-2024-9160 was published Sep 27, 2024

Previous 1 2 3 4 5 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

412 advisories