Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,669
Erlang
34
GitHub Actions
26
Go
2,262
Maven
5,000+
npm
3,912
NuGet
705
pip
3,681
Pub
12
RubyGems
916
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,281 advisories

Loading
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2025-30408 was published Apr 24, 2025
Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible... Moderate Unreviewed
CVE-2025-0926 was published Apr 23, 2025
An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H... High Unreviewed
CVE-2025-1731 was published Apr 22, 2025
Overview  The product specifies permissions for a security-critical resource in a way that... Moderate Unreviewed
CVE-2025-0758 was published Apr 17, 2025
Vulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Search... High Unreviewed
CVE-2025-30708 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). ... Moderate Unreviewed
CVE-2025-30685 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). ... Moderate Unreviewed
CVE-2025-30684 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-30688 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-30687 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported... Moderate Unreviewed
CVE-2025-21584 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-21585 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). ... Moderate Unreviewed
CVE-2025-30683 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-30682 was published Apr 15, 2025
Vulnerability in Oracle Secure Backup (component: General). Supported versions that are affected... Moderate Unreviewed
CVE-2025-21578 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). ... Moderate Unreviewed
CVE-2025-21579 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2025-21580 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-21581 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported... Moderate Unreviewed
CVE-2025-21583 was published Apr 15, 2025
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux)... High Unreviewed
CVE-2024-13861 was published Apr 11, 2025
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow... Moderate Unreviewed
CVE-2025-25041 was published Apr 1, 2025
In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the ... Low Unreviewed
CVE-2025-20233 was published Mar 27, 2025
The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions,... Critical Unreviewed
CVE-2025-25373 was published Mar 25, 2025
An Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in... High Unreviewed
CVE-2024-10209 was published Mar 25, 2025
PipeCD Vulnerable to Privilege Escalation High
CVE-2024-53351 was published for github.com/pipe-cd/pipecd (Go) Mar 21, 2025
Dell ThinOS 2408 and prior, contains an improper permissions vulnerability. A low privileged... High Unreviewed
CVE-2025-27688 was published Mar 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database