Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,109 advisories

Loading
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS... Moderate Unreviewed
CVE-2025-24099 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed
CVE-2025-0742 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed
CVE-2025-0741 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed
CVE-2025-0743 was published Jan 30, 2025
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Moderate Unreviewed
CVE-2024-54550 was published Jan 28, 2025
IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that... Moderate Unreviewed
CVE-2023-50946 was published Jan 26, 2025
Disabled permissions can be granted by Folder-based in Jenkins Authorization Strategy Plugin Moderate
CVE-2025-24401 was published for io.jenkins.plugins:folder-auth (Maven) Jan 22, 2025
Incorrect permission check in Jenkins GitLab Plugin allows enumerating credentials IDs Moderate
CVE-2025-24397 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) Jan 22, 2025
Vulnerability in the PeopleSoft Enterprise FIN eSettlements product of Oracle PeopleSoft ... Moderate Unreviewed
CVE-2025-21539 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Moderate Unreviewed
CVE-2025-21540 was published Jan 21, 2025
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... Moderate Unreviewed
CVE-2025-21533 was published Jan 21, 2025
Vulnerability in the PeopleSoft Enterprise FIN Cash Management product of Oracle PeopleSoft ... Moderate Unreviewed
CVE-2025-21537 was published Jan 21, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... Moderate Unreviewed
CVE-2025-21517 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Moderate Unreviewed
CVE-2025-21519 was published Jan 21, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Moderate Unreviewed
CVE-2025-21502 was published Jan 21, 2025
In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in... Moderate Unreviewed
CVE-2025-24460 was published Jan 21, 2025
On-Premises Data Gateway Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21403 was published Jan 14, 2025
Incorrect Authorization vulnerability in Drupal Pages Restriction Access allows Forceful Browsing... Moderate Unreviewed
CVE-2024-13302 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Responsive and off-canvas menu allows Forceful... Moderate Unreviewed
CVE-2024-13266 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal OhDear Integration allows Forceful Browsing.This... Moderate Unreviewed
CVE-2024-13290 was published Jan 9, 2025
Canlineapp Online 1.1 is vulnerable to Broken Access Control and allows users with the Auditor... Moderate Unreviewed
CVE-2024-56114 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Commerce View Receipt allows Forceful Browsing... Moderate Unreviewed
CVE-2024-13257 was published Jan 9, 2025
The WebChannel API, which is used to transport various information across processes, did not... Moderate Unreviewed
CVE-2025-0237 was published Jan 7, 2025
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2024-47148 was published Dec 26, 2024
In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of... Moderate Unreviewed
CVE-2024-56348 was published Dec 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database