Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

73 advisories

Loading
A certificate verification error in wolfSSL when building with the WOLFSSL_SYS_CA_CERTS and... Critical Unreviewed
CVE-2025-7395 was published Jul 19, 2025
If a user visited a webpage with an invalid TLS certificate, and granted an exception, the... Critical Unreviewed
CVE-2025-6433 was published Jun 26, 2025
An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute... Critical Unreviewed
CVE-2025-29331 was published Jun 26, 2025
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to... Critical Unreviewed
CVE-2025-32878 was published Jun 20, 2025
"This issue is limited to motherboards and does not affect laptops, desktop computers, or other... Critical Unreviewed
CVE-2025-3463 was published May 9, 2025
Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860... Critical Unreviewed
CVE-2024-41334 was published Feb 27, 2025
A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL... Critical Unreviewed
CVE-2017-2800 was published May 13, 2022
A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute... Critical Unreviewed
CVE-2025-23114 was published Feb 5, 2025
OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password... Critical Unreviewed
CVE-2022-35898 was published May 1, 2023
An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration... Critical Unreviewed
CVE-2023-27823 was published May 12, 2023
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated... Critical Unreviewed
CVE-2024-52330 was published Jan 23, 2025
ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An... Critical Unreviewed
CVE-2024-52329 was published Jan 23, 2025
Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager ... Critical Unreviewed
CVE-2020-27648 was published May 24, 2022
An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP... Critical Unreviewed
CVE-2019-20461 was published Nov 7, 2024
An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables... Critical Unreviewed
CVE-2024-45159 was published Sep 5, 2024
There is a vulnerability in the AP Certificate Management Service which could allow a threat... Critical Unreviewed
CVE-2024-42395 was published Aug 6, 2024
In gnss service, there is a possible escalation of privilege due to improper certificate... Critical Unreviewed
CVE-2024-20080 was published Jul 1, 2024
The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for... Critical Unreviewed
CVE-2023-5422 was published Oct 16, 2023
Lack of TLS certificate verification in log transmission of a financial module within LINE Client... Critical Unreviewed
CVE-2023-5554 was published Oct 12, 2023
In JetBrains Ktor before 2.3.5 server certificates were not verified Critical Unreviewed
CVE-2023-45613 was published Oct 9, 2023
A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed... Critical Unreviewed
CVE-2023-40256 was published Aug 11, 2023
Nanoleaf firmware v7.1.1 and below is missing an SSL certificate, allowing attackers to execute... Critical Unreviewed
CVE-2022-47758 was published Apr 27, 2023
x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows... Critical Unreviewed
CVE-2021-46880 was published Apr 15, 2023
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable... Critical Unreviewed
CVE-2023-26463 was published Apr 15, 2023
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c... Critical Unreviewed
CVE-2020-7043 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database