Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,838
Erlang
36
GitHub Actions
33
Go
2,460
Maven
5,000+
npm
4,082
NuGet
723
pip
3,873
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,338 advisories

Loading
An Incorrect Permission Assignment Vulnerability exists in the product and version listed above.... High Unreviewed
CVE-2025-24481 was published Jan 28, 2025
Apache Hive Incorrectly Assigns Permissions for a Critical Resource Moderate
CVE-2024-29869 was published for org.apache.hive:hive-exec (Maven) Jan 29, 2025
An issue was discovered in Akamai Enterprise Application Access (EAA) before 2025-01-17. If an... High Unreviewed
CVE-2025-24527 was published Jan 29, 2025
When etcupdate encounters conflicts while merging files, it saves a version containing conflict... Moderate Unreviewed
CVE-2025-0374 was published Jan 30, 2025
Nedis SmartLife android app v1.4.0 was discovered to contain an API key disclosure vulnerability. High Unreviewed
CVE-2024-34897 was published Feb 3, 2025
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local... Moderate Unreviewed
CVE-2024-45657 was published Feb 4, 2025
@tanstack/form-core prototype pollution High
CVE-2024-57068 was published for @tanstack/form-core (npm) Feb 6, 2025
Balastrong
Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-57520 was published Feb 6, 2025
Under specific conditions, the Central Management Console of the SAP BusinessObjects Business... High Unreviewed
CVE-2025-0064 was published Feb 11, 2025
A vulnerability has been identified in SIMATIC IPC DiagBase (All versions), SIMATIC IPC... High Unreviewed
CVE-2025-23403 was published Feb 11, 2025
Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local... High Unreviewed
CVE-2024-13813 was published Feb 11, 2025
There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a... High Unreviewed
CVE-2025-1067 was published Feb 25, 2025
Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a... High Unreviewed
CVE-2025-22454 was published Mar 11, 2025
Below has Incorrect Permission Assignment for Critical Resource High
CVE-2025-27591 was published for below (Rust) Mar 11, 2025
mgerstner
Dell ThinOS 2408 and prior, contains an improper permissions vulnerability. A low privileged... High Unreviewed
CVE-2025-27688 was published Mar 18, 2025
PipeCD Vulnerable to Privilege Escalation High
CVE-2024-53351 was published for github.com/pipe-cd/pipecd (Go) Mar 21, 2025
An Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in... High Unreviewed
CVE-2024-10209 was published Mar 25, 2025
The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions,... Critical Unreviewed
CVE-2025-25373 was published Mar 25, 2025
In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the ... Low Unreviewed
CVE-2025-20233 was published Mar 27, 2025
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow... Moderate Unreviewed
CVE-2025-25041 was published Apr 1, 2025
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux)... High Unreviewed
CVE-2024-13861 was published Apr 11, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-21581 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). ... Moderate Unreviewed
CVE-2025-21579 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2025-21580 was published Apr 15, 2025
Vulnerability in Oracle Secure Backup (component: General). Supported versions that are affected... Moderate Unreviewed
CVE-2025-21578 was published Apr 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database