Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,462
Erlang
33
GitHub Actions
22
Go
2,159
Maven
5,000+
npm
3,820
NuGet
696
pip
3,502
Pub
12
RubyGems
903
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,161 advisories

Loading
A use after free issue was addressed with improved memory management. This issue is fixed in... High Unreviewed
CVE-2025-24085 was published Jan 28, 2025
Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to... High Unreviewed
CVE-2025-0543 was published Jan 25, 2025
Weak default folder permissions Moderate Unreviewed
CVE-2024-55930 was published Jan 23, 2025
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated... Critical Unreviewed
CVE-2025-20156 was published Jan 22, 2025
Cache confusion in Jenkins Eiffel Broadcaster Plugin Moderate
CVE-2025-24400 was published for com.axis.jenkins.plugins.eiffel:eiffel-broadcaster (Maven) Jan 22, 2025
Improper handling of case sensitivity in Jenkins OpenId Connect Authentication Plugin High
CVE-2025-24399 was published for org.jenkins-ci.plugins:oic-auth (Maven) Jan 22, 2025
In onCreate of NotificationAccessConfirmationActivity.java , there is a possible way to hide an... High Unreviewed
CVE-2024-49742 was published Jan 22, 2025
In applyTaskFragmentOperation of WindowOrganizerController.java, there is a possible way to... High Unreviewed
CVE-2024-49737 was published Jan 22, 2025
In onClick of MainClear.java, there is a possible way to trigger factory reset without explicit... High Unreviewed
CVE-2024-49736 was published Jan 22, 2025
In multiple locations, there is a possible bypass of user consent to enabling new Bluetooth HIDs... High Unreviewed
CVE-2024-34730 was published Jan 22, 2025
WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application... Critical Unreviewed
CVE-2024-57032 was published Jan 17, 2025
Insecure Permissions vulnerability in themesebrand Chatvia v.5.3.2 allows a remote attacker to... Moderate Unreviewed
CVE-2024-40514 was published Jan 17, 2025
An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210... Critical Unreviewed
CVE-2024-57684 was published Jan 16, 2025
Insecure permissions in the XNetSocketClient component of XINJE XDPPro.exe v3.2.2 to v3.7.17c... Moderate Unreviewed
CVE-2024-52783 was published Jan 15, 2025
In PRIMX ZED Enterprise up to 2024.3, technical files stored in local folders with common user... High Unreviewed
CVE-2024-46464 was published Jan 10, 2025
Vaultwarden vulnerable to user impersonation High
CVE-2024-55225 was published for vaultwarden (Rust) Jan 9, 2025
Infoblox BloxOne v2.4 was discovered to contain a business logic flaw due to thick client... Critical Unreviewed
CVE-2024-46505 was published Jan 9, 2025
IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as... Moderate Unreviewed
CVE-2024-43176 was published Jan 9, 2025
pgAdmin has Incorrect Default Permissions High
CVE-2023-1907 was published for pgadmin4 (pip) Jan 9, 2025
Vulnerability of improper permission control in the window management module Impact: Successful... High Unreviewed
CVE-2024-56447 was published Jan 8, 2025
Permission control vulnerability in the Connectivity module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2024-56440 was published Jan 8, 2025
Vulnerability of improper permission control in the Gallery module Impact: Successful... Moderate Unreviewed
CVE-2023-52954 was published Jan 8, 2025
An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Privilege escalation can be... Critical Unreviewed
CVE-2022-41572 was published Jan 7, 2025
Incorrect default permissions in some Intel(R) Chipset Driver Software before version 10.1.19444... High Unreviewed
CVE-2023-28739 was published Jan 7, 2025
An issue was discovered in Inspur ClusterEngine v4.0 that allows attackers to gain escalated... High Unreviewed
CVE-2021-27285 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database