Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,005 advisories

Loading
An incorrect authorization vulnerability [CWE-863] in FortiSandbox 4.4.0 through 4.4.6 may allow... High Unreviewed
CVE-2024-45328 was published Mar 11, 2025
The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an... High Unreviewed
CVE-2024-2098 was published Jun 13, 2024
A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3... High Unreviewed
CVE-2023-23918 was published Feb 23, 2023
This vulnerability exists in the CAP back office application due to improper authorization checks... High Unreviewed
CVE-2025-29997 was published Mar 13, 2025
The vulnerability allows an unauthenticated attacker to access information in PAM database. High Unreviewed
CVE-2025-24500 was published Jan 30, 2025
In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control... High Unreviewed
CVE-2024-55957 was published Jan 22, 2025
Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows... High Unreviewed
CVE-2025-30074 was published Mar 16, 2025
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy... High Unreviewed
CVE-2024-7265 was published Aug 7, 2024
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy... High Unreviewed
CVE-2024-7266 was published Aug 7, 2024
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Script Engine). ... High Unreviewed
CVE-2024-21083 was published Apr 17, 2024
An authentication issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2024-54542 was published Jan 28, 2025
In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access... High Unreviewed
CVE-2024-48651 was published Nov 29, 2024
Adobe Commerce Improper Authorization vulnerability High
CVE-2025-24409 was published for magento/community-edition (Composer) Feb 11, 2025
https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The... High Unreviewed
CVE-2024-57360 was published Jan 21, 2025
An improper access control vulnerability exists in SimplCommerce at commit... High Unreviewed
CVE-2024-50945 was published Dec 27, 2024
Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). ... High Unreviewed
CVE-2025-21532 was published Jan 21, 2025
macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function.... High Unreviewed
CVE-2024-57433 was published Feb 1, 2025
Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform... High Unreviewed
CVE-2023-24485 was published Feb 16, 2023
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 16. A... High Unreviewed
CVE-2024-44162 was published Sep 17, 2024
A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low... High Unreviewed
CVE-2024-10109 was published Mar 20, 2025
Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite ... High Unreviewed
CVE-2024-21149 was published Jul 17, 2024
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14... High Unreviewed
CVE-2024-44305 was published Mar 21, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2024-40770 was published Sep 17, 2024
In setActualDefaultRingtoneUri of RingtoneManager.java, there is a possible way to bypass content... High Unreviewed
CVE-2023-40132 was published Jan 22, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2024-23963 was published Jan 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database