Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,463
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

461 advisories

Loading
When etcupdate encounters conflicts while merging files, it saves a version containing conflict... Moderate Unreviewed
CVE-2025-0374 was published Jan 30, 2025
Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow... Moderate Unreviewed
CVE-2024-36294 was published Nov 13, 2024
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local... Moderate Unreviewed
CVE-2024-45657 was published Feb 4, 2025
Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow... Moderate Unreviewed
CVE-2024-36276 was published Nov 13, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-21566 was published Jan 21, 2025
Insecure permissions in Aginode GigaSwitch v5 allows attackers to access sensitive information... Moderate Unreviewed
CVE-2024-39967 was published Jan 16, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-21523 was published Jan 21, 2025
When Akka HTTP before 10.5.2 accepts file uploads via the FileUploadDirectives.fileUploadAll... Moderate Unreviewed
CVE-2023-33251 was published May 21, 2023
Apache Hive Incorrectly Assigns Permissions for a Critical Resource Moderate
CVE-2024-29869 was published for org.apache.hive:hive-exec (Maven) Jan 29, 2025
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified ... Moderate Unreviewed
CVE-2010-0488 was published May 2, 2022
Hasleo Backup Suite Free v4.9.4 and before is vulnerable to Insecure Permissions via the File... Moderate Unreviewed
CVE-2024-54910 was published Jan 10, 2025
Active Support Possibly Discloses Locally Encrypted Files Moderate
CVE-2023-38037 was published for activesupport (RubyGems) Aug 23, 2023
Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for... Moderate Unreviewed
CVE-2024-47475 was published Jan 6, 2025
Sensitive information disclosure due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2024-49385 was published Jan 2, 2025
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p23, < 2.2... Moderate Unreviewed
CVE-2024-38864 was published Dec 19, 2024
In multiple files, there is a possible way to access traces in the dev mode due to a permissions... Moderate Unreviewed
CVE-2023-21142 was published Jun 15, 2023
An issue was discovered in Zoho Application Control Plus before version 10.0.511. The Element... Moderate Unreviewed
CVE-2020-15595 was published May 24, 2022
IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical... Moderate Unreviewed
CVE-2024-47104 was published Dec 18, 2024
The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2024-12255 was published Dec 12, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open... Moderate Unreviewed
CVE-2024-12564 was published Dec 12, 2024
In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices... Moderate Unreviewed
CVE-2024-8256 was published Dec 10, 2024
Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0... Moderate Unreviewed
CVE-2024-12151 was published Dec 4, 2024
Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.8... Moderate Unreviewed
CVE-2024-45841 was published Dec 5, 2024
Vulnerability in the PeopleSoft Enterprise HCM Benefits Administration product of Oracle... Moderate Unreviewed
CVE-2024-21063 was published Apr 17, 2024
stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp... Moderate Unreviewed
CVE-2024-54159 was published Nov 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database