Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,520
Maven
5,000+
npm
4,160
NuGet
738
pip
3,959
Pub
12
RubyGems
946
Rust
1,027
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,336 advisories

Loading
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2025-24140 was published Jan 28, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-24107 was published Jan 28, 2025
This issue was addressed with improved message validation. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-24135 was published Jan 28, 2025
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura... High Unreviewed
CVE-2025-24176 was published Jan 28, 2025
CMSimple 5.16 allows the user to edit log.php file via print page. Critical Unreviewed
CVE-2024-57548 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS... Critical Unreviewed
CVE-2025-24174 was published Jan 28, 2025
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2025-24826 was published Jan 28, 2025
RuoYi has insecure permissions Moderate
CVE-2024-57438 was published for com.ruoyi:ruoyi (Maven) Jan 29, 2025
Snowflake JDBC uses insecure temporary credential cache file permissions Moderate
CVE-2025-24790 was published for net.snowflake:snowflake-jdbc (Maven) Jan 29, 2025
snowflake-connector-python vulnerable to insecure cache files permissions Moderate
CVE-2025-24795 was published for snowflake-connector-python (pip) Jan 29, 2025
Snowflake.Data has weak temporary files permissions Moderate
CVE-2025-24788 was published for Snowflake.Data (NuGet) Jan 29, 2025
A vulnerability in the NetExtender Windows client log export function allows unauthorized access... High Unreviewed
CVE-2025-23007 was published Jan 30, 2025
Polycom RealPresence Group 500 <=20 has Insecure Permissions due to automatically loaded cookies.... High Unreviewed
CVE-2025-22918 was published Feb 3, 2025
Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to... High Unreviewed
CVE-2024-11468 was published Feb 5, 2025
An issue in trojan v.2.0.0 through v.2.15.3 allows a remote attacker to escalate privileges via... Critical Unreviewed
CVE-2024-55215 was published Feb 8, 2025
Incorrect default permissions in the AMD Integrated Management Technology (AIM-T) Manageability... High Unreviewed
CVE-2023-31360 was published Feb 11, 2025
Incorrect default permissions for some Intel(R) DSA installer for Windows before version 24.2.19... Moderate Unreviewed
CVE-2024-32942 was published Feb 13, 2025
Incorrect default permissions for some Intel(R) GPA and Intel(R) GPA Framework software... Moderate Unreviewed
CVE-2024-42419 was published Feb 13, 2025
An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the... High Unreviewed
CVE-2024-51440 was published Feb 13, 2025
MaysWind ezBookkeeping has Improper Privilege Management Critical
CVE-2024-57604 was published for github.com/mayswind/ezbookkeeping (Go) Feb 13, 2025
Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission... Moderate Unreviewed
CVE-2025-21106 was published Feb 20, 2025
In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an... Critical Unreviewed
CVE-2024-56525 was published Feb 25, 2025
Spotipy's cache file, containing spotify auth token, is created with overly broad permissions High
CVE-2025-27154 was published for spotipy (pip) Feb 28, 2025
alichtman
Permission management vulnerability in the lock screen module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2024-58046 was published Mar 4, 2025
Vulnerability of improper access permission in the process management module Impact: Successful... Moderate Unreviewed
CVE-2025-27521 was published Mar 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database