GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
1,336 advisories
Filter by severity
This issue was addressed with improved message validation. This issue is fixed in macOS Sequoia...
Critical
Unreviewed
CVE-2025-24135
was published
Jan 28, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia...
Moderate
Unreviewed
CVE-2025-24140
was published
Jan 28, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High
Unreviewed
CVE-2025-24107
was published
Jan 28, 2025
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura...
High
Unreviewed
CVE-2025-24176
was published
Jan 28, 2025
CMSimple 5.16 allows the user to edit log.php file via print page.
Critical
Unreviewed
CVE-2024-57548
was published
Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS...
Critical
Unreviewed
CVE-2025-24174
was published
Jan 28, 2025
Local privilege escalation due to insecure folder permissions. The following products are...
Moderate
Unreviewed
CVE-2025-24826
was published
Jan 28, 2025
RuoYi has insecure permissions
Moderate
CVE-2024-57438
was published
for
com.ruoyi:ruoyi
(Maven)
Jan 29, 2025
Snowflake JDBC uses insecure temporary credential cache file permissions
Moderate
CVE-2025-24790
was published
for
net.snowflake:snowflake-jdbc
(Maven)
Jan 29, 2025
snowflake-connector-python vulnerable to insecure cache files permissions
Moderate
CVE-2025-24795
was published
for
snowflake-connector-python
(pip)
Jan 29, 2025
Snowflake.Data has weak temporary files permissions
Moderate
CVE-2025-24788
was published
for
Snowflake.Data
(NuGet)
Jan 29, 2025
A vulnerability in the NetExtender Windows client log export function allows unauthorized access...
High
Unreviewed
CVE-2025-23007
was published
Jan 30, 2025
Polycom RealPresence Group 500 <=20 has Insecure Permissions due to automatically loaded cookies....
High
Unreviewed
CVE-2025-22918
was published
Feb 3, 2025
Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to...
High
Unreviewed
CVE-2024-11468
was published
Feb 5, 2025
An issue in trojan v.2.0.0 through v.2.15.3 allows a remote attacker to escalate privileges via...
Critical
Unreviewed
CVE-2024-55215
was published
Feb 8, 2025
Incorrect default permissions in the AMD Integrated Management Technology (AIM-T) Manageability...
High
Unreviewed
CVE-2023-31360
was published
Feb 11, 2025
Incorrect default permissions for some Intel(R) DSA installer for Windows before version 24.2.19...
Moderate
Unreviewed
CVE-2024-32942
was published
Feb 13, 2025
Incorrect default permissions for some Intel(R) GPA and Intel(R) GPA Framework software...
Moderate
Unreviewed
CVE-2024-42419
was published
Feb 13, 2025
An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the...
High
Unreviewed
CVE-2024-51440
was published
Feb 13, 2025
MaysWind ezBookkeeping has Improper Privilege Management
Critical
CVE-2024-57604
was published
for
github.com/mayswind/ezbookkeeping
(Go)
Feb 13, 2025
Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission...
Moderate
Unreviewed
CVE-2025-21106
was published
Feb 20, 2025
In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an...
Critical
Unreviewed
CVE-2024-56525
was published
Feb 25, 2025
Spotipy's cache file, containing spotify auth token, is created with overly broad permissions
High
CVE-2025-27154
was published
for
spotipy
(pip)
Feb 28, 2025
Permission management vulnerability in the lock screen module
Impact: Successful exploitation of...
Moderate
Unreviewed
CVE-2024-58046
was published
Mar 4, 2025
Vulnerability of improper access permission in the process management module
Impact: Successful...
Moderate
Unreviewed
CVE-2025-27521
was published
Mar 4, 2025
ProTip!
Advisories are also available from the
GraphQL API