Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+

713 advisories

Loading
The Versa Concerto SD-WAN orchestration platform is vulnerable to an privileges escalation and... High Unreviewed
CVE-2025-34025 was published May 22, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions).... High Unreviewed
CVE-2025-40574 was published May 13, 2025
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions),... High Unreviewed
CVE-2025-24009 was published May 13, 2025
IXON VPN Client before 1.4.4 on Windows allows Local Privilege Escalation to SYSTEM because there... High Unreviewed
CVE-2025-26169 was published May 7, 2025
IXON VPN Client before 1.4.4 on Linux and macOS allows Local Privilege Escalation to root because... High Unreviewed
CVE-2025-26168 was published May 7, 2025
Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder... High Unreviewed
CVE-2025-3394 was published Apr 30, 2025
An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H... High Unreviewed
CVE-2025-1731 was published Apr 22, 2025
Vulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Search... High Unreviewed
CVE-2025-30708 was published Apr 15, 2025
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux)... High Unreviewed
CVE-2024-13861 was published Apr 11, 2025
Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions ... High Unreviewed
CVE-2025-2098 was published Mar 26, 2025
An Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in... High Unreviewed
CVE-2024-10209 was published Mar 25, 2025
PipeCD Vulnerable to Privilege Escalation High
CVE-2024-53351 was published for github.com/pipe-cd/pipecd (Go) Mar 21, 2025
Dell ThinOS 2408 and prior, contains an improper permissions vulnerability. A low privileged... High Unreviewed
CVE-2025-27688 was published Mar 18, 2025
Below has Incorrect Permission Assignment for Critical Resource High
CVE-2025-27591 was published for below (Rust) Mar 11, 2025
mgerstner Credited to mgerstner
Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a... High Unreviewed
CVE-2025-22454 was published Mar 11, 2025
There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a... High Unreviewed
CVE-2025-1067 was published Feb 25, 2025
Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local... High Unreviewed
CVE-2024-13813 was published Feb 11, 2025
A vulnerability has been identified in SIMATIC IPC DiagBase (All versions), SIMATIC IPC... High Unreviewed
CVE-2025-23403 was published Feb 11, 2025
Under specific conditions, the Central Management Console of the SAP BusinessObjects Business... High Unreviewed
CVE-2025-0064 was published Feb 11, 2025
@tanstack/form-core prototype pollution High
CVE-2024-57068 was published for @tanstack/form-core (npm) Feb 6, 2025
Balastrong Credited to Balastrong
Nedis SmartLife android app v1.4.0 was discovered to contain an API key disclosure vulnerability. High Unreviewed
CVE-2024-34897 was published Feb 3, 2025
An issue was discovered in Akamai Enterprise Application Access (EAA) before 2025-01-17. If an... High Unreviewed
CVE-2025-24527 was published Jan 29, 2025
An Incorrect Permission Assignment Vulnerability exists in the product and version listed above.... High Unreviewed
CVE-2025-24481 was published Jan 28, 2025
Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain... High Unreviewed
CVE-2024-57547 was published Jan 28, 2025
Develocity (formerly Gradle Enterprise) before 2024.1.8 has Incorrect Access Control. Project... High Unreviewed
CVE-2024-46881 was published Jan 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database