GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+
1,134 advisories
Filter by severity
A vulnerability in the NetExtender Windows client log export function allows unauthorized access...
High
Unreviewed
CVE-2025-23007
was published
Jan 30, 2025
Snowflake.Data has weak temporary files permissions
Moderate
CVE-2025-24788
was published
for
Snowflake.Data
(NuGet)
Jan 29, 2025
snowflake-connector-python vulnerable to insecure cache files permissions
Moderate
CVE-2025-24795
was published
for
snowflake-connector-python
(pip)
Jan 29, 2025
Snowflake JDBC uses insecure temporary credential cache file permissions
Moderate
CVE-2025-24790
was published
for
net.snowflake:snowflake-jdbc
(Maven)
Jan 29, 2025
RuoYi has insecure permissions
Moderate
CVE-2024-57438
was published
for
com.ruoyi:ruoyi
(Maven)
Jan 29, 2025
Local privilege escalation due to insecure folder permissions. The following products are...
Moderate
Unreviewed
CVE-2025-24826
was published
Jan 28, 2025
CMSimple 5.16 allows the user to edit log.php file via print page.
Critical
Unreviewed
CVE-2024-57548
was published
Jan 28, 2025
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura...
High
Unreviewed
CVE-2025-24176
was published
Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS...
Critical
Unreviewed
CVE-2025-24174
was published
Jan 28, 2025
This issue was addressed with improved message validation. This issue is fixed in macOS Sequoia...
Critical
Unreviewed
CVE-2025-24135
was published
Jan 28, 2025
A use after free issue was addressed with improved memory management. This issue is fixed in...
High
Unreviewed
CVE-2025-24085
was published
Jan 28, 2025
Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to...
High
Unreviewed
CVE-2025-0543
was published
Jan 25, 2025
Improper handling of case sensitivity in Jenkins OpenId Connect Authentication Plugin
High
CVE-2025-24399
was published
for
org.jenkins-ci.plugins:oic-auth
(Maven)
Jan 22, 2025
Cache confusion in Jenkins Eiffel Broadcaster Plugin
Moderate
CVE-2025-24400
was published
for
com.axis.jenkins.plugins.eiffel:eiffel-broadcaster
(Maven)
Jan 22, 2025
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated...
Critical
Unreviewed
CVE-2025-20156
was published
Jan 22, 2025
In applyTaskFragmentOperation of WindowOrganizerController.java, there is a possible way to...
High
Unreviewed
CVE-2024-49737
was published
Jan 22, 2025
In onCreate of NotificationAccessConfirmationActivity.java , there is a possible way to hide an...
High
Unreviewed
CVE-2024-49742
was published
Jan 22, 2025
In onClick of MainClear.java, there is a possible way to trigger factory reset without explicit...
High
Unreviewed
CVE-2024-49736
was published
Jan 22, 2025
In multiple locations, there is a possible bypass of user consent to enabling new Bluetooth HIDs...
High
Unreviewed
CVE-2024-34730
was published
Jan 22, 2025
WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application...
Critical
Unreviewed
CVE-2024-57032
was published
Jan 17, 2025
An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210...
Critical
Unreviewed
CVE-2024-57684
was published
Jan 16, 2025
In PRIMX ZED Enterprise up to 2024.3, technical files stored in local folders with common user...
High
Unreviewed
CVE-2024-46464
was published
Jan 10, 2025
Vaultwarden vulnerable to user impersonation
High
CVE-2024-55225
was published
for
vaultwarden
(Rust)
Jan 9, 2025
Infoblox BloxOne v2.4 was discovered to contain a business logic flaw due to thick client...
Critical
Unreviewed
CVE-2024-46505
was published
Jan 9, 2025
ProTip!
Advisories are also available from the
GraphQL API