Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,005 advisories

Loading
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious... High Unreviewed
CVE-2023-20877 was published May 12, 2023
The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the... High Unreviewed
CVE-2010-2965 was published May 17, 2022
A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications,... High Unreviewed
CVE-2024-37002 was published Jun 25, 2024
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2024-54537 was published Jan 28, 2025
A Local Code Execution Vulnerability exists in the product and version listed above. The... High Unreviewed
CVE-2025-24479 was published Jan 28, 2025
Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the... High Unreviewed
CVE-2024-41140 was published Jan 29, 2025
Insecure Permissons vulnerability found in Shop_CMS YerShop all versions allows a remote attacker... High Unreviewed
CVE-2020-23362 was published May 9, 2023
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur... High Unreviewed
CVE-2021-30713 was published May 24, 2022
Milesight NCR/camera version 71.8.0.6-r5 discloses sensitive information through an unspecified... High Unreviewed
CVE-2023-24505 was published May 8, 2023
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path... High Unreviewed
CVE-2025-0781 was published Jan 28, 2025
an Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0744 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0745 was published Jan 30, 2025
Authentication bypass vulnerability in Qrio Lock (Q-SL2) firmware version 2.0.9 and earlier... High Unreviewed
CVE-2023-25946 was published May 23, 2023
In registerReceiverWithFeature of ActivityManagerService.java, there is a possible way for... High Unreviewed
CVE-2023-21117 was published May 16, 2023
Software installed and run as a non-privileged user may conduct improper read/write operations on... High Unreviewed
CVE-2024-46974 was published Jan 31, 2025
An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR... High Unreviewed
CVE-2023-26244 was published Apr 27, 2023
An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR... High Unreviewed
CVE-2023-26246 was published Apr 27, 2023
An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR... High Unreviewed
CVE-2023-26245 was published Apr 27, 2023
Docker Desktop for Windows before 4.6.0 allows attackers to delete (or create) any file through... High Unreviewed
CVE-2022-37326 was published Apr 27, 2023
Improper access control in reporting engine of Odoo Community 14.0 through 15.0, and Odoo... High Unreviewed
CVE-2021-23203 was published Apr 25, 2023
macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users... High Unreviewed
CVE-2024-57434 was published Feb 1, 2025
VMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read... High Unreviewed
CVE-2023-20871 was published Apr 25, 2023
Authentication Bypass in Hub Business integration in Devolutions Workspace Desktop 2023.1.1.3 and... High Unreviewed
CVE-2023-2257 was published Apr 24, 2023
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component:... High Unreviewed
CVE-2025-21565 was published Jan 21, 2025
Magento authorization bypass vulnerability High
CVE-2020-9587 was published for magento/community-edition (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database