GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,184

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,781 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the... High Unreviewed

CVE-2024-41140 was published Jan 29, 2025

RuoYi has insecure permissions Moderate

CVE-2024-57438 was published for com.ruoyi:ruoyi (Maven) Jan 29, 2025

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed

CVE-2025-0741 was published Jan 30, 2025

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed

CVE-2025-0742 was published Jan 30, 2025

an Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed

CVE-2025-0744 was published Jan 30, 2025

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed

CVE-2025-0743 was published Jan 30, 2025

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed

CVE-2025-0745 was published Jan 30, 2025

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS... Moderate Unreviewed

CVE-2025-24099 was published Jan 30, 2025

The vulnerability allows an unauthenticated attacker to access information in PAM database. High Unreviewed

CVE-2025-24500 was published Jan 30, 2025

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed

CVE-2024-23963 was published Jan 31, 2025

This vulnerability allows network-adjacent attackers to disclose sensitive information on... Moderate Unreviewed

CVE-2024-23937 was published Jan 31, 2025

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded... High Unreviewed

CVE-2024-23928 was published Jan 31, 2025

This vulnerability allows network-adjacent attackers to create arbitrary files on affected... High Unreviewed

CVE-2024-23929 was published Jan 31, 2025

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed

CVE-2024-23921 was published Jan 31, 2025

Software installed and run as a non-privileged user may conduct improper read/write operations on... High Unreviewed

CVE-2024-46974 was published Jan 31, 2025

macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys... Critical Unreviewed

CVE-2024-57432 was published Jan 31, 2025

SSH Communication Security PrivX versions between 18.0-36.0 implement insufficient validation on... Critical Unreviewed

CVE-2024-47857 was published Jan 31, 2025

macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function.... High Unreviewed

CVE-2024-57433 was published Feb 1, 2025

macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users... High Unreviewed

CVE-2024-57434 was published Feb 1, 2025

Apache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions Moderate

CVE-2025-24860 was published for org.apache.cassandra:cassandra-all (Maven) Feb 4, 2025

An error when handling authorization related to the import / export interfaces on the RISC... Moderate Unreviewed

CVE-2021-41528 was published Feb 7, 2025

An authorization issue was addressed with improved state management. This issue is fixed in... High Unreviewed

CVE-2025-24200 was published Feb 10, 2025

SAP NetWeaver Application Server Java allows an attacker to access an endpoint that can disclose... Moderate Unreviewed

CVE-2025-24869 was published Feb 11, 2025

The ABAP Build Framework in SAP ABAP Platform allows an authenticated attacker to gain... Moderate Unreviewed

CVE-2025-24872 was published Feb 11, 2025

Magento Incorrect Authorization vulnerability Moderate

CVE-2025-24421 was published for magento/community-edition (Composer) Feb 11, 2025

Previous 1…101…112 Next

Previous 1 2 … 99 100 101 102 103 … 111 112 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,781 advisories