Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,111
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

766 advisories

Loading
macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function.... High Unreviewed
CVE-2024-57433 was published Feb 1, 2025
macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users... High Unreviewed
CVE-2024-57434 was published Feb 1, 2025
Software installed and run as a non-privileged user may conduct improper read/write operations on... High Unreviewed
CVE-2024-46974 was published Jan 31, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2024-23921 was published Jan 31, 2025
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded... High Unreviewed
CVE-2024-23928 was published Jan 31, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2024-23963 was published Jan 31, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0745 was published Jan 30, 2025
an Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0744 was published Jan 30, 2025
Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the... High Unreviewed
CVE-2024-41140 was published Jan 29, 2025
A Local Code Execution Vulnerability exists in the product and version listed above. The... High Unreviewed
CVE-2025-24479 was published Jan 28, 2025
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path... High Unreviewed
CVE-2025-0781 was published Jan 28, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2024-54537 was published Jan 28, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2024-54542 was published Jan 28, 2025
In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control... High Unreviewed
CVE-2024-55957 was published Jan 22, 2025
In setActualDefaultRingtoneUri of RingtoneManager.java, there is a possible way to bypass content... High Unreviewed
CVE-2023-40132 was published Jan 22, 2025
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component:... High Unreviewed
CVE-2025-21565 was published Jan 21, 2025
Vulnerability in the Oracle Project Foundation product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2025-21506 was published Jan 21, 2025
Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite (component: Service... High Unreviewed
CVE-2025-21516 was published Jan 21, 2025
Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). ... High Unreviewed
CVE-2025-21532 was published Jan 21, 2025
https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The... High Unreviewed
CVE-2024-57360 was published Jan 21, 2025
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5,... High Unreviewed
CVE-2024-40771 was published Jan 15, 2025
Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful... High Unreviewed
CVE-2024-13291 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This... High Unreviewed
CVE-2024-13282 was published Jan 9, 2025
An improper access control vulnerability exists in SimplCommerce at commit... High Unreviewed
CVE-2024-50945 was published Dec 27, 2024
Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a... High Unreviewed
CVE-2024-37775 was published Dec 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database