Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,676
Maven
5,000+
npm
4,298
NuGet
760
pip
4,077
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is Missing SSL Certificate... Moderate Unreviewed
CVE-2025-63432 was published Nov 24, 2025
GOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the... Moderate Unreviewed
CVE-2025-56232 was published Nov 5, 2025
Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the... High Unreviewed
CVE-2025-56230 was published Nov 5, 2025
Email Server Certificate Verification Disabled.This issue affects BLU-IC2: through 1.19.5; BLU... Critical Unreviewed
CVE-2025-12553 was published Oct 31, 2025
Indian Bank IndSMART Android App 3.8.1 is vulnerable to Missing SSL Certificate Validation in... Moderate Unreviewed
CVE-2025-56146 was published Sep 23, 2025
cortex establishes TLS connections with `InsecureSkipVerify` set to `true` High
CVE-2024-41265 was published for github.com/cortexproject/cortex (Go) Aug 1, 2024
Beego privilege escalation vulnerability High
CVE-2024-40464 was published for github.com/beego/beego/v2 (Go) Jul 31, 2024
D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest... Moderate Unreviewed
CVE-2024-36755 was published Jun 27, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to... High Unreviewed
CVE-2024-31872 was published Apr 10, 2024
HTTPie allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack High
CVE-2023-48052 was published for httpie (pip) Nov 16, 2023
RJPercival
Credited to RJPercival
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database