GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,306

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

76 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In onCreate of WifiDialogActivity.java, there is a possible way to bypass the... High Unreviewed

CVE-2024-23704 was published May 7, 2024

An improper handling of insufficient permissions or privileges affects HCL BigFix Inventory. An... Low Unreviewed

CVE-2024-42194 was published Dec 17, 2024

Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to... High Unreviewed

CVE-2024-43705 was published Dec 28, 2024

Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege... High Unreviewed

CVE-2025-22395 was published Jan 7, 2025

An attacker who successfully exploited these vulnerabilities could cause enable command execution... High Unreviewed

CVE-2024-12430 was published Jan 7, 2025

Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects Moderate

CVE-2024-36112 was published for nautobot (pip) May 29, 2024

An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain... Critical Unreviewed

CVE-2024-24116 was published Oct 2, 2024

The product does not handle or incorrectly handles when it has insufficient privileges to access... Moderate Unreviewed

CVE-2024-6697 was published Feb 20, 2025

Xuxueli xxl-job allows attacker to obtain sensitive information via the pageList parameter High

CVE-2023-27087 was published for com.xuxueli:xxl-job (Maven) Mar 21, 2023

In Bluetooth Stack SW, there is a possible information disclosure due to a missing permission... Moderate Unreviewed

CVE-2025-20649 was published Mar 3, 2025

In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary... High Unreviewed

CVE-2024-0015 was published Feb 16, 2024

IBM InfoSphere Information Server 11.7 could allow a local user to execute privileged commands... High Unreviewed

CVE-2024-51459 was published Mar 19, 2025

Software installed and run as a non-privileged user may conduct improper GPU system calls to... High Unreviewed

CVE-2025-0478 was published Mar 24, 2025

An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B... Moderate Unreviewed

CVE-2024-8315 was published Mar 25, 2025

An issue was discovered in Common-Services "So Flexibilite" (soflexibilite) module for PrestaShop... High Unreviewed

CVE-2024-25844 was published Mar 3, 2024

Memory write permission bypass vulnerability in the kernel futex module Impact: Successful... High Unreviewed

CVE-2025-31173 was published Apr 7, 2025

Memory write permission bypass vulnerability in the kernel futex module Impact: Successful... High Unreviewed

CVE-2025-31172 was published Apr 7, 2025

Software installed and run as a non-privileged user may conduct improper GPU system calls to... High Unreviewed

CVE-2025-0468 was published Apr 4, 2025

Missing permissions check in Liferay Portal Moderate

CVE-2022-42126 was published for com.liferay.portal:release.portal.bom (Maven) Nov 15, 2022

Vulnerability of improper authentication logic implementation in the file system module Impact:... High Unreviewed

CVE-2025-46584 was published May 6, 2025

An authenticated user without user administrative permissions could change the administrator... High Unreviewed

CVE-2025-46740 was published May 12, 2025

The issue was addressed with additional permissions checks. This issue is fixed in macOS Sequoia... High Unreviewed

CVE-2025-30453 was published May 13, 2025

Yggdrasil Vulnerable to Local Privilege Escalation High

CVE-2025-3931 was published for github.com/redhatinsights/yggdrasil (Go) May 14, 2025

Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an... High Unreviewed

CVE-2025-29826 was published May 13, 2025

An improper permission handling vulnerability was reported in Lenovo PC Manager that could allow... Moderate Unreviewed

CVE-2025-2503 was published May 30, 2025

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

76 advisories