Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,005 advisories

Loading
Apache Superset: SQLLab Improper readonly query validation allows unauthorized write access High
CVE-2024-55633 was published for apache-superset (pip) Dec 12, 2024
Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a... High Unreviewed
CVE-2024-37775 was published Dec 17, 2024
Next.js authorization bypass vulnerability High
CVE-2024-51479 was published for next (npm) Dec 17, 2024
tyage
TShock Security Escalation Exploit High
GHSA-hvm9-wc8j-mgrc was published for TShock (NuGet) Dec 18, 2024
sgkoishi THEXN
An improper access control vulnerability exists in SimplCommerce at commit... High Unreviewed
CVE-2024-50945 was published Dec 27, 2024
Letta (previously MemGPT) incorrect access control vulnerability High
CVE-2024-39025 was published for letta (pip) Dec 27, 2024
Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This... High Unreviewed
CVE-2024-13282 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful... High Unreviewed
CVE-2024-13291 was published Jan 9, 2025
Vaultwarden vulnerable to user impersonation High
CVE-2024-55225 was published for vaultwarden (Rust) Jan 9, 2025
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5,... High Unreviewed
CVE-2024-40771 was published Jan 15, 2025
https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The... High Unreviewed
CVE-2024-57360 was published Jan 21, 2025
Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). ... High Unreviewed
CVE-2025-21532 was published Jan 21, 2025
Vulnerability in the Oracle Project Foundation product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2025-21506 was published Jan 21, 2025
Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite (component: Service... High Unreviewed
CVE-2025-21516 was published Jan 21, 2025
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component:... High Unreviewed
CVE-2025-21565 was published Jan 21, 2025
In setActualDefaultRingtoneUri of RingtoneManager.java, there is a possible way to bypass content... High Unreviewed
CVE-2023-40132 was published Jan 22, 2025
In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control... High Unreviewed
CVE-2024-55957 was published Jan 22, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2024-54537 was published Jan 28, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2024-54542 was published Jan 28, 2025
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path... High Unreviewed
CVE-2025-0781 was published Jan 28, 2025
A Local Code Execution Vulnerability exists in the product and version listed above. The... High Unreviewed
CVE-2025-24479 was published Jan 28, 2025
Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the... High Unreviewed
CVE-2024-41140 was published Jan 29, 2025
an Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0744 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0745 was published Jan 30, 2025
The vulnerability allows an unauthenticated attacker to access information in PAM database. High Unreviewed
CVE-2025-24500 was published Jan 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database