Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

443 advisories

Loading
Canon EOS Webcam Utility Pro for MAC OS version 2.3d (2.3.29) and earlier contains an improper... Moderate Unreviewed
CVE-2025-5995 was published Jun 26, 2025
cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with... Moderate Unreviewed
CVE-2024-11584 was published Jun 26, 2025
Sangfor aTrust through 2.4.10 allows users to modify the ExecStartPre command. Moderate Unreviewed
CVE-2025-52923 was published Jun 22, 2025
A vulnerability was found in logrotate in how the state file is created. The state file is used... Moderate Unreviewed
CVE-2022-1348 was published May 26, 2022
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-23223 was published Jan 23, 2024
IBM Application Gateway 19.12 through 24.09 could allow a local privileged user to perform... Moderate Unreviewed
CVE-2024-45655 was published Jun 3, 2025
An issue was discovered in Zoho Application Control Plus before version 10.0.511. The Element... Moderate Unreviewed
CVE-2020-15595 was published May 24, 2022
Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v... Moderate Unreviewed
CVE-2025-48747 was published May 28, 2025
For a short time they PTY is set to mode 666, allowing any user on the system to connect to the... Moderate Unreviewed
CVE-2025-46802 was published May 26, 2025
Packages downloaded by Checkmk's automatic agent updates on Linux and Solaris have incorrect... Moderate Unreviewed
CVE-2025-32915 was published May 22, 2025
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework... Moderate Unreviewed
CVE-2025-3936 was published May 22, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 2... Moderate Unreviewed
CVE-2025-31262 was published May 19, 2025
Improper access control in the GitLab CE/EE API affecting all versions starting from 12.8 before... Moderate Unreviewed
CVE-2022-3325 was published Oct 17, 2022
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions).... Moderate Unreviewed
CVE-2025-40572 was published May 13, 2025
Under certain conditions, SAP Gateway Client allows a high-privileged user to access restricted... Moderate Unreviewed
CVE-2025-42997 was published May 13, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 15.7.1... Moderate Unreviewed
CVE-2022-32929 was published Nov 2, 2022
A permissions issue existed. This issue was addressed with improved permission validation. This... Moderate Unreviewed
CVE-2022-42788 was published Nov 2, 2022
A vulnerability has been identified in Node.js version 20, affecting users of the experimental... Moderate Unreviewed
CVE-2023-32005 was published Sep 20, 2023
NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager ... Moderate Unreviewed
CVE-2025-23245 was published May 1, 2025
Automotive Shop Management System v1.0 is vulnerable to Delete any file via /asms/classes/Master... Moderate Unreviewed
CVE-2022-44280 was published Nov 23, 2022
g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to... Moderate Unreviewed
CVE-2022-46338 was published Nov 30, 2022
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2025-30408 was published Apr 24, 2025
Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible... Moderate Unreviewed
CVE-2025-0926 was published Apr 23, 2025
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write... Moderate Unreviewed
CVE-2017-15906 was published May 13, 2022
In Apache Impala (incubating) before 2.10.0, a malicious user with "ALTER" permissions on an... Moderate Unreviewed
CVE-2017-9792 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database