Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,640
Maven
5,000+
npm
4,265
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,388 advisories

Loading
Dropbear before 2017.75 might allow local users to read certain files as root, if the file has... Moderate Unreviewed
CVE-2017-9079 was published May 13, 2022
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the... High Unreviewed
CVE-2017-7889 was published May 13, 2022
Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper... High Unreviewed
CVE-2017-3006 was published May 13, 2022
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions... Critical Unreviewed
CVE-2017-6950 was published May 13, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported... Moderate Unreviewed
CVE-2025-21583 was published Apr 15, 2025
Vulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Search... High Unreviewed
CVE-2025-30708 was published Apr 15, 2025
cnlh nps vulnerable to file overwrite by local user Moderate
CVE-2019-15119 was published for ehang.io/nps (Go) May 24, 2022
SilverStripe Subsite weakens file permissions Moderate
CVE-2022-42949 was published for silverstripe/subsites (Composer) Dec 19, 2022
Overview  The product specifies permissions for a security-critical resource in a way that... Moderate Unreviewed
CVE-2025-0758 was published Apr 17, 2025
Vulnerability in Oracle Secure Backup (component: General). Supported versions that are affected... Moderate Unreviewed
CVE-2025-21578 was published Apr 15, 2025
Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical
CVE-2023-32197 was published for github.com/rancher/rancher (Go) Oct 25, 2024
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2,... Low Unreviewed
CVE-2009-2948 was published May 2, 2022
The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for... High Unreviewed
CVE-2008-0662 was published May 1, 2022
Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full... High Unreviewed
CVE-2007-6033 was published May 1, 2022
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39... Moderate Unreviewed
CVE-2022-47927 was published Jan 12, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15... Moderate Unreviewed
CVE-2022-4365 was published Jan 12, 2023
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow... Moderate Unreviewed
CVE-2025-25041 was published Apr 1, 2025
In exported content providers of ShannonRcs, there is a possible way to get access to protected... Moderate Unreviewed
CVE-2023-20923 was published Jan 26, 2023
Dentsply Sirona Sidexis <= 4.3 is vulnerable to Incorrect Access Control. High Unreviewed
CVE-2022-44263 was published Jan 27, 2023
The SystemUI module has a vulnerability in permission management. Impact: Successful exploitation... High Unreviewed
CVE-2023-52715 was published Apr 7, 2024
Vulnerability of improper permission control in the window management module. Impact: Successful... High Unreviewed
CVE-2024-30413 was published Apr 7, 2024
In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the ... Low Unreviewed
CVE-2025-20233 was published Mar 27, 2025
The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions,... Critical Unreviewed
CVE-2025-25373 was published Mar 25, 2025
IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a... Moderate Unreviewed
CVE-2024-51448 was published Jan 18, 2025
An Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in... High Unreviewed
CVE-2024-10209 was published Mar 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database