Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,005 advisories

Loading
Software installed and run as a non-privileged user may conduct improper read/write operations on... High Unreviewed
CVE-2024-46974 was published Jan 31, 2025
This vulnerability allows network-adjacent attackers to create arbitrary files on affected... High Unreviewed
CVE-2024-23929 was published Jan 31, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2024-23921 was published Jan 31, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2024-23963 was published Jan 31, 2025
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded... High Unreviewed
CVE-2024-23928 was published Jan 31, 2025
The vulnerability allows an unauthenticated attacker to access information in PAM database. High Unreviewed
CVE-2025-24500 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0745 was published Jan 30, 2025
an Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0744 was published Jan 30, 2025
Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the... High Unreviewed
CVE-2024-41140 was published Jan 29, 2025
A Local Code Execution Vulnerability exists in the product and version listed above. The... High Unreviewed
CVE-2025-24479 was published Jan 28, 2025
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path... High Unreviewed
CVE-2025-0781 was published Jan 28, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2024-54537 was published Jan 28, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2024-54542 was published Jan 28, 2025
In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control... High Unreviewed
CVE-2024-55957 was published Jan 22, 2025
In setActualDefaultRingtoneUri of RingtoneManager.java, there is a possible way to bypass content... High Unreviewed
CVE-2023-40132 was published Jan 22, 2025
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component:... High Unreviewed
CVE-2025-21565 was published Jan 21, 2025
Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite (component: Service... High Unreviewed
CVE-2025-21516 was published Jan 21, 2025
Vulnerability in the Oracle Project Foundation product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2025-21506 was published Jan 21, 2025
Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). ... High Unreviewed
CVE-2025-21532 was published Jan 21, 2025
https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The... High Unreviewed
CVE-2024-57360 was published Jan 21, 2025
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5,... High Unreviewed
CVE-2024-40771 was published Jan 15, 2025
Vaultwarden vulnerable to user impersonation High
CVE-2024-55225 was published for vaultwarden (Rust) Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This... High Unreviewed
CVE-2024-13282 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful... High Unreviewed
CVE-2024-13291 was published Jan 9, 2025
Letta (previously MemGPT) incorrect access control vulnerability High
CVE-2024-39025 was published for letta (pip) Dec 27, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database