GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,364 advisories
In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control...
High, Unreviewed. CVE-2024-55957 was published on Jan 22, 2025.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:...
Moderate, Unreviewed. CVE-2025-21540 was published on Jan 21, 2025.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:...
Moderate, Unreviewed. CVE-2025-21519 was published on Jan 21, 2025.

Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite (component: Service...
High, Unreviewed. CVE-2025-21516 was published on Jan 21, 2025.

Vulnerability in the PeopleSoft Enterprise FIN Cash Management product of Oracle PeopleSoft ...
Moderate, Unreviewed. CVE-2025-21537 was published on Jan 21, 2025.

Vulnerability in the PeopleSoft Enterprise FIN eSettlements product of Oracle PeopleSoft ...
Moderate, Unreviewed. CVE-2025-21539 was published on Jan 21, 2025.

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Moderate, Unreviewed. CVE-2025-21533 was published on Jan 21, 2025.

Vulnerability in the Oracle Project Foundation product of Oracle E-Business Suite (component:...
High, Unreviewed. CVE-2025-21506 was published on Jan 21, 2025.

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web...
Moderate, Unreviewed. CVE-2025-21517 was published on Jan 21, 2025.

In setActualDefaultRingtoneUri of RingtoneManager.java, there is a possible way to bypass content...
High, Unreviewed. CVE-2023-40132 was published on Jan 22, 2025.

Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). ...
High, Unreviewed. CVE-2025-21532 was published on Jan 21, 2025.

XWiki users registered with email verification can self re-activate their disabled accounts
High. CVE-2021-32620 was published for org.xwiki.commons:xwiki-commons-core (Maven) on May 18, 2021.

AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited by attackers to...
High, Unreviewed. CVE-2023-31726 was published on May 24, 2023.

In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in...
Moderate, Unreviewed. CVE-2025-24460 was published on Jan 21, 2025.

Apache Pulsar: Improper Authorization For Topic-Level Policy Management
Moderate. CVE-2024-28098 was published for org.apache.pulsar:pulsar-broker (Maven) on Mar 12, 2024.

The permission system implemented and enforced by the GarminOS TVM component in CIQ API version 1...
High, Unreviewed. CVE-2023-23299 was published on May 23, 2023.

Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote...
Moderate, Unreviewed. CVE-2023-27384 was published on May 23, 2023.

Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions
Moderate. CVE-2022-36109 was published for github.com/docker/docker (Go) on Sep 16, 2022.

Canlineapp Online 1.1 is vulnerable to Broken Access Control and allows users with the Auditor...
Moderate, Unreviewed. CVE-2024-56114 was published on Jan 9, 2025.

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5,...
High, Unreviewed. CVE-2024-40771 was published on Jan 15, 2025.

Mattermost Incorrect Authorization vulnerability
Low. CVE-2025-22449 was published for github.com/mattermost/mattermost/server/v8 (Go) on Jan 9, 2025.

Privilege escalation in XXL-Job
High. CVE-2023-33779 was published for com.xuxueli:xxl-job (Maven) on May 26, 2023.

On-Premises Data Gateway Information Disclosure Vulnerability
Moderate, Unreviewed. CVE-2025-21403 was published on Jan 14, 2025.

Incorrect Authorization vulnerability in Drupal Responsive and off-canvas menu allows Forceful...
Moderate, Unreviewed. CVE-2024-13266 was published on Jan 9, 2025.

Incorrect Authorization vulnerability in Drupal OhDear Integration allows Forceful Browsing. This...
Moderate, Unreviewed. CVE-2024-13290 was published on Jan 9, 2025.