Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

36 advisories

Loading
Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on... Low Unreviewed
CVE-2026-0872 was published Feb 13, 2026
An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal... Low Unreviewed
CVE-2026-0228 was published Feb 11, 2026
Tanium addressed an improper certificate validation vulnerability in Tanium Appliance. Low Unreviewed
CVE-2025-15323 was published Feb 5, 2026
Weblate command-line client susceptible to SSL verification skip Low
CVE-2026-22250 was published for wlc (pip) Jan 12, 2026
nijel Zee99y
Credited to nijel and Zee99y
KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe... Low Unreviewed
CVE-2025-69412 was published Jan 1, 2026
Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a... Low Unreviewed
CVE-2025-12893 was published Nov 25, 2025
GoSign Desktop through 2.4.1 disables TLS certificate validation when configured to use a proxy... Low Unreviewed
CVE-2025-65083 was published Nov 17, 2025
Improper certificate validation vulnerability exists in 'デジラアプリ' App for iOS prior to ver.80.10... Low Unreviewed
CVE-2025-60022 was published Nov 17, 2025
An improper certificate validation vulnerability was reported in the Lenovo Universal Device... Low Unreviewed
CVE-2025-6026 was published Oct 15, 2025
CISA Thorium does not validate TLS certificates when connecting to Elasticsearch. An... Low Unreviewed
CVE-2025-35434 was published Sep 17, 2025
A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the... Low Unreviewed
CVE-2025-44964 was published Aug 5, 2025
Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An... Low Unreviewed
CVE-2025-26478 was published Apr 17, 2025
HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling... Low Unreviewed
CVE-2024-42193 was published Apr 15, 2025
BigFix Patch Download Plug-ins are affected by an insecure protocol support. The application can... Low Unreviewed
CVE-2024-42186 was published Jan 23, 2025
An Improper Certificate Validation vulnerability exists in Tenable Security Center where an... Low Unreviewed
CVE-2024-12174 was published Dec 10, 2024
lxd CA certificate sign check bypass Low
CVE-2024-6156 was published for github.com/canonical/lxd (Go) Dec 9, 2024
markylaing
Credited to markylaing
lxd has a restricted TLS certificate privilege escalation when in PKI mode Low
CVE-2024-6219 was published for github.com/canonical/lxd (Go) Dec 9, 2024
markylaing
Credited to markylaing
An improper certificate validation vulnerability has been reported to affect QuMagie. If... Low Unreviewed
CVE-2024-38642 was published Sep 6, 2024
Ecosystem Agent version 4 < 4.5.1.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not... Low Unreviewed
CVE-2024-5445 was published Aug 12, 2024
An improper validation vulnerability was reported in the Lenovo Tab K10 that could allow a... Low Unreviewed
CVE-2024-4786 was published Jul 26, 2024
A vulnerability was found in Hualai Xiaofang iSC5 3.2.2_112 and classified as problematic.... Low Unreviewed
CVE-2024-4062 was published Apr 23, 2024
A vulnerability was found in EZVIZ CS-C6-21WFR-8 5.2.7 Build 170628. It has been classified as... Low Unreviewed
CVE-2024-4063 was published Apr 23, 2024
Improper Certificate Validation vulnerability in Apache Airflow FTP Provider Low
CVE-2024-29733 was published for apache-airflow-providers-ftp (pip) Apr 21, 2024
ericwb
Credited to ericwb
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive... Low Unreviewed
CVE-2023-37397 was published Apr 19, 2024
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability... Low Unreviewed
CVE-2023-32464 was published Jun 23, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database