GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,336 advisories
A 2-Step Verification problem in Axigen 10.3.3.52 allows an attacker to access a mailbox by...
Critical, Unreviewed. CVE-2023-23566 was published Jan 13, 2023

Incorrect default permissions issue exists in Unifier and Unifier Cast Version.5.0 or later, and...
Moderate, Unreviewed. CVE-2024-23847 was published May 31, 2024

Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to...
High, Unreviewed. CVE-2025-29801 was published Apr 8, 2025

Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to...
High, Unreviewed. CVE-2024-0259 was published Mar 28, 2024

snowflake-connector-python vulnerable to insecure cache files permissions
Moderate. CVE-2025-24795 was published for snowflake-connector-python (pip) Jan 29, 2025

The system has a vulnerability that may cause dynamic hiding and restoring of app icons...
High, Unreviewed. CVE-2022-46761 was published Jan 6, 2023

AWS CDK CodePipeline: trusted entities are too broad
Low. GHSA-5pq3-h73f-66hr was published for aws-cdk-lib (npm) Mar 24, 2025

A Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows...
High, Unreviewed. CVE-2025-23386 was published Apr 10, 2025

Withdrawn Advisory: Mobile Security Framework (MobSF) Vulnerable to Insecure Permissions
High. CVE-2023-42261 was published for mobsf (pip) Sep 22, 2023 • withdrawn

Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering...
High, Unreviewed. CVE-2015-7378 was published May 13, 2022

Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business...
High, Unreviewed. CVE-2016-3943 was published May 13, 2022

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and...
High, Unreviewed. CVE-2016-5425 was published May 13, 2022

An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products....
High, Unreviewed. CVE-2019-9579 was published Dec 26, 2022

fal_sftp extension for TYPO3 uses weak permissions for sFTP driver files and folders
Moderate. CVE-2014-8327 was published for co-stack/fal_sftp (Composer) May 17, 2022

When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple...
High, Unreviewed. CVE-2022-3155 was published Dec 22, 2022

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923...
Critical, Unreviewed. CVE-2025-27677 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330...
Critical, Unreviewed. CVE-2025-27682 was published Mar 5, 2025

Vulnerability in the RAS Security component of Oracle Database Server. Supported versions that...
High, Unreviewed. CVE-2025-30701 was published Apr 15, 2025

Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted...
High, Unreviewed. CVE-2022-29909 was published Dec 22, 2022

When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8...
High, Unreviewed. CVE-2025-24914 was published Apr 18, 2025

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). ...
High, Unreviewed. CVE-2025-30706 was published Apr 15, 2025

Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an...
High, Unreviewed. CVE-2017-8625 was published May 13, 2022

Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions ...
High, Unreviewed. CVE-2017-11156 was published May 13, 2022

HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak...
High, Unreviewed. CVE-2017-11741 was published May 13, 2022

MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote...
High, Unreviewed. CVE-2017-16522 was published May 13, 2022