Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

65 advisories

Loading
Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version... Low Unreviewed
CVE-2024-32368 was published Apr 22, 2024
MacPaw The Unarchiver before 4.3.6 contains vulnerability related to missing quarantine... Low Unreviewed
CVE-2023-46270 was published Apr 29, 2024
It was identified that in certain versions of Octopus Server, that a user created with no... Low Unreviewed
CVE-2024-4226 was published Apr 30, 2024
Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials Low
GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) Jun 18, 2024 withdrawn
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console Low
CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) Jun 21, 2024
MarkLee131
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®... Low Unreviewed
CVE-2024-6326 was published Jul 16, 2024
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported... Low Unreviewed
CVE-2024-21123 was published Jul 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Low Unreviewed
CVE-2024-40792 was published Oct 28, 2024
Moodle has insufficient access control Low
CVE-2024-43430 was published for moodle/moodle (Composer) Nov 11, 2024
HCL Connections is vulnerable to a broken access control vulnerability that may allow an... Low Unreviewed
CVE-2024-42188 was published Nov 14, 2024
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can... Low Unreviewed
CVE-2024-53921 was published Dec 3, 2024
AWS CDK CodePipeline: trusted entities are too broad Low
GHSA-5pq3-h73f-66hr was published for aws-cdk-lib (npm) Mar 24, 2025
An incorrect default permissions vulnerability was reported in the MotoSignature application that... Low Unreviewed
CVE-2025-1699 was published Jun 11, 2025
The Nix, Lix, and Guix package managers default to using temporary build directories in a world... Low Unreviewed
CVE-2025-52991 was published Jun 27, 2025
Apache DolphinScheduler Incorrect Default Permissions Vulnerability Low
CVE-2024-43166 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Sep 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database