Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,518
Maven
5,000+
npm
4,156
NuGet
736
pip
3,955
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

651 advisories

Loading
A flaw was found in the Mirror Registry. The quay-app container shipped as part of the Mirror... High Unreviewed
CVE-2025-3528 was published May 9, 2025
An insecure file system permissions vulnerability in MSP360 Backup 4.3.1.115 allows a lower... High Unreviewed
CVE-2025-43595 was published May 2, 2025
Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access... High Unreviewed
CVE-2025-42598 was published Apr 28, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for... High Unreviewed
CVE-2025-32981 was published Apr 25, 2025
When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8... High Unreviewed
CVE-2025-24914 was published Apr 18, 2025
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). ... High Unreviewed
CVE-2025-30706 was published Apr 15, 2025
Vulnerability in the RAS Security component of Oracle Database Server. Supported versions that... High Unreviewed
CVE-2025-30701 was published Apr 15, 2025
A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. When the... High Unreviewed
CVE-2025-3617 was published Apr 15, 2025
A Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows... High Unreviewed
CVE-2025-23386 was published Apr 10, 2025
Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to... High Unreviewed
CVE-2025-29801 was published Apr 8, 2025
Insecure Permission vulnerability in student-manage 1 allows a local attacker to escalate... High Unreviewed
CVE-2025-29504 was published Apr 3, 2025
An issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 allows a local attacker to... High Unreviewed
CVE-2025-29570 was published Apr 3, 2025
Incorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker... High Unreviewed
CVE-2025-0014 was published Apr 2, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-24267 was published Apr 1, 2025
A parsing issue in the handling of directory paths was addressed with improved path validation.... High Unreviewed
CVE-2025-24277 was published Apr 1, 2025
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13... High Unreviewed
CVE-2025-24234 was published Apr 1, 2025
A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13... High Unreviewed
CVE-2025-24170 was published Apr 1, 2025
PipeCD Vulnerable to Privilege Escalation High
CVE-2024-53351 was published for github.com/pipe-cd/pipecd (Go) Mar 21, 2025
When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions... High Unreviewed
CVE-2025-24915 was published Mar 21, 2025
Incorrect access permission of a specific folder issue exists in RemoteView Agent (for Windows)... High Unreviewed
CVE-2025-24864 was published Mar 6, 2025
Incorrect access permission of a specific service issue exists in RemoteView Agent (for Windows)... High Unreviewed
CVE-2025-22447 was published Mar 6, 2025
Spotipy's cache file, containing spotify auth token, is created with overly broad permissions High
CVE-2025-27154 was published for spotipy (pip) Feb 28, 2025
alichtman
An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the... High Unreviewed
CVE-2024-51440 was published Feb 13, 2025
Incorrect default permissions in the AMD Integrated Management Technology (AIM-T) Manageability... High Unreviewed
CVE-2023-31360 was published Feb 11, 2025
Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to... High Unreviewed
CVE-2024-11468 was published Feb 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database