Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

121 advisories

Loading
Withdrawn Advisory: JHipster allows privilege escalation via a modified authorities parameter Low
CVE-2025-43712 was published for generator-jhipster (npm) Jul 25, 2025 withdrawn
Mattermost did not properly restrict channel creation Low
CVE-2024-39837 was published for github.com/mattermost/mattermost-server (Go) Aug 1, 2024
In Linksys EA6350 V2.1.2, the chroot_local_user option is enabled in the dynamically generated... Low Unreviewed
CVE-2025-44657 was published Jul 21, 2025
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). ... Low Unreviewed
CVE-2025-50081 was published Jul 15, 2025
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Access... Low Unreviewed
CVE-2025-49546 was published Jul 8, 2025
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS... Low Unreviewed
CVE-2023-28197 was published Jan 11, 2024
Philips SureSigns VS4, A.07.107 and prior. The software does not restrict or incorrectly... Low Unreviewed
CVE-2020-16241 was published May 24, 2022
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported... Low Unreviewed
CVE-2024-20912 was published Jan 17, 2024
Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may... Low Unreviewed
CVE-2025-20076 was published May 13, 2025
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable... Low Unreviewed
CVE-2025-30700 was published Apr 15, 2025
Vulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite ... Low Unreviewed
CVE-2025-30731 was published Apr 15, 2025
The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export... Low Unreviewed
CVE-2015-5464 was published May 17, 2022
Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD... Low Unreviewed
CVE-2022-45430 was published Dec 27, 2022
An app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS... Low Unreviewed
CVE-2023-42969 was published Apr 11, 2025
A vulnerability was found in Projeqtor up to 12.0.2. It has been rated as critical. Affected by... Low Unreviewed
CVE-2025-3169 was published Apr 3, 2025
This issue was addressed with improved authentication. This issue is fixed in iOS 18.4 and iPadOS... Low Unreviewed
CVE-2025-24193 was published Apr 1, 2025
A user authorized to access a view may be able to alter the intended collation, allowing them to... Low Unreviewed
CVE-2025-3082 was published Apr 1, 2025
The issue was addressed by restricting options offered on a locked device. This issue is fixed in... Low Unreviewed
CVE-2024-27819 was published Jun 10, 2024
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported... Low Unreviewed
CVE-2024-20911 was published Feb 17, 2024
This issue was addressed by restricting options offered on a locked device. This issue is fixed... Low Unreviewed
CVE-2024-40822 was published Jul 30, 2024
A permissions issue was addressed with improved validation. This issue is fixed in iOS 17.5 and... Low Unreviewed
CVE-2024-27803 was published May 14, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and... Low Unreviewed
CVE-2023-42957 was published Jul 29, 2024
Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the... Low Unreviewed
CVE-2025-25618 was published Mar 17, 2025
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). ... Low Unreviewed
CVE-2024-21247 was published Oct 15, 2024
Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local... Low Unreviewed
CVE-2023-42542 was published Nov 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database