Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,800
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,005
NuGet
720
pip
3,805
Pub
12
RubyGems
927
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

637 advisories

Loading
Incorrect default permissions in some Intel(R) Chipset Driver Software before version 10.1.19444... High Unreviewed
CVE-2023-28739 was published Jan 7, 2025
Vulnerability of improper permission control in the window management module Impact: Successful... High Unreviewed
CVE-2024-56447 was published Jan 8, 2025
pgAdmin has Incorrect Default Permissions High
CVE-2023-1907 was published for pgadmin4 (pip) Jan 9, 2025
Vaultwarden vulnerable to user impersonation High
CVE-2024-55225 was published for vaultwarden (Rust) Jan 9, 2025
In PRIMX ZED Enterprise up to 2024.3, technical files stored in local folders with common user... High Unreviewed
CVE-2024-46464 was published Jan 10, 2025
In many locations, there is a possible way to access kernel memory in user space due to an... High Unreviewed
CVE-2018-9401 was published Jan 18, 2025
In multiple functions of Parcel.cpp, there is a possible way to bypass address space layout... High Unreviewed
CVE-2018-9434 was published Jan 18, 2025
Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). ... High Unreviewed
CVE-2025-21532 was published Jan 21, 2025
In multiple locations, there is a possible bypass of user consent to enabling new Bluetooth HIDs... High Unreviewed
CVE-2024-34730 was published Jan 22, 2025
In multiple locations, there is a possible way to obtain access to a folder due to a tapjacking... High Unreviewed
CVE-2024-43765 was published Jan 22, 2025
In multiple functions of AccountManagerService.java, there is a possible way to bypass... High Unreviewed
CVE-2024-49724 was published Jan 22, 2025
In multiple functions of CompanionDeviceManagerService.java, there is a possible way to grant... High Unreviewed
CVE-2024-49732 was published Jan 22, 2025
In setActualDefaultRingtoneUri of RingtoneManager.java, there is a possible way to bypass content... High Unreviewed
CVE-2023-40132 was published Jan 22, 2025
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to... High Unreviewed
CVE-2024-49744 was published Jan 22, 2025
In multiple locations, there is a possible failure to persist permissions settings due to... High Unreviewed
CVE-2024-49735 was published Jan 22, 2025
In applyTaskFragmentOperation of WindowOrganizerController.java, there is a possible way to... High Unreviewed
CVE-2024-49737 was published Jan 22, 2025
In onClick of MainClear.java, there is a possible way to trigger factory reset without explicit... High Unreviewed
CVE-2024-49736 was published Jan 22, 2025
In onCreate of NotificationAccessConfirmationActivity.java , there is a possible way to hide an... High Unreviewed
CVE-2024-49742 was published Jan 22, 2025
Improper handling of case sensitivity in Jenkins OpenId Connect Authentication Plugin High
CVE-2025-24399 was published for org.jenkins-ci.plugins:oic-auth (Maven) Jan 22, 2025
In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control... High Unreviewed
CVE-2024-55957 was published Jan 22, 2025
Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to... High Unreviewed
CVE-2025-0543 was published Jan 25, 2025
A use after free issue was addressed with improved memory management. This issue is fixed in... High Unreviewed
CVE-2025-24085 was published Jan 28, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-24107 was published Jan 28, 2025
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura... High Unreviewed
CVE-2025-24176 was published Jan 28, 2025
A vulnerability in the NetExtender Windows client log export function allows unauthorized access... High Unreviewed
CVE-2025-23007 was published Jan 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database