Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
21
Go
2,094
Maven
5,000+
npm
3,759
NuGet
678
pip
3,445
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,215 advisories

Loading
ECOVACS robot lawnmowers and vacuums insecurely store audio files used to indicate that the... Low Unreviewed
CVE-2024-52328 was published Jan 23, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). ... Low Unreviewed
CVE-2025-21520 was published Jan 21, 2025
Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions. Critical Unreviewed
CVE-2024-55959 was published Jan 21, 2025
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to ... High Unreviewed
CVE-2025-0590 was published Jan 20, 2025
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an... Critical Unreviewed
CVE-2024-38337 was published Jan 19, 2025
Windows Secure Kernel Mode Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21325 was published Jan 17, 2025
An authenticated attacker can use this vulnerability to perform a privilege escalation to gain... High Unreviewed
CVE-2024-11497 was published Jan 14, 2025
Under certain conditions SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication... Critical Unreviewed
CVE-2025-0066 was published Jan 14, 2025
Hasleo Backup Suite Free v4.9.4 and before is vulnerable to Insecure Permissions via the File... Moderate Unreviewed
CVE-2024-54910 was published Jan 10, 2025
An issue in the snxpcamd.sys component of SUNIX Multi I/O Card v10.1.0.0 allows attackers to... High Unreviewed
CVE-2024-55411 was published Jan 7, 2025
The com.glitter.caller.screen (aka iCaller, Caller Theme & Dialer) application through 1.1 for... Critical Unreviewed
CVE-2024-53931 was published Jan 7, 2025
The com.remi.colorphone.callscreen.calltheme.callerscreen (aka Color Phone: Call Screen Theme)... Critical Unreviewed
CVE-2024-53932 was published Jan 7, 2025
Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for... Moderate Unreviewed
CVE-2024-47475 was published Jan 6, 2025
Sensitive information disclosure due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2024-49385 was published Jan 2, 2025
A flaw was found in the OpenShift build process, where the docker-build container is configured... High Unreviewed
CVE-2024-45497 was published Dec 31, 2024
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p23, < 2.2... Moderate Unreviewed
CVE-2024-38864 was published Dec 19, 2024
IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical... Moderate Unreviewed
CVE-2024-47104 was published Dec 18, 2024
SurrealDB has Silent Failure to Overwrite Table Definition of Relation Type Low
GHSA-27vq-hv74-7cqp was published for surrealdb (Rust) Dec 16, 2024
AlbertMarashi
Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open... Moderate Unreviewed
CVE-2024-12564 was published Dec 12, 2024
The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2024-12255 was published Dec 12, 2024
Insufficient permissions in the TeamViewer Patch & Asset Management component prior to version 24... High Unreviewed
CVE-2024-12363 was published Dec 11, 2024
Insufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated... High Unreviewed
CVE-2024-10256 was published Dec 10, 2024
Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local... High Unreviewed
CVE-2024-8540 was published Dec 10, 2024
Insufficient permissions in Ivanti DSM before version 2024.3.5740 allows a local authenticated... High Unreviewed
CVE-2024-7572 was published Dec 10, 2024
In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices... Moderate Unreviewed
CVE-2024-8256 was published Dec 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database