Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,685
Maven
5,000+
npm
4,318
NuGet
760
pip
4,092
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

858 advisories

Loading
Incorrect Authorization vulnerability in Data Illusion Zumbrunn NGSurvey allows any logged-in... High Unreviewed
CVE-2025-13829 was published Dec 1, 2025
SOPlanning is vulnerable to Privilege Escalation in user management tab. Users with... High Unreviewed
CVE-2025-62730 was published Nov 20, 2025
A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications,... High Unreviewed
CVE-2024-37002 was published Jun 25, 2024
Fujitsu iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is... High Unreviewed
CVE-2025-65002 was published Nov 12, 2025
Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability.... High Unreviewed
CVE-2025-61830 was published Nov 11, 2025
A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users... High Unreviewed
CVE-2025-11862 was published Nov 11, 2025
Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the... High Unreviewed
CVE-2025-37736 was published Nov 8, 2025
Nagios Log Server versions prior to 2024R2.0.3 contain an incorrect authorization vulnerability... High Unreviewed
CVE-2025-34273 was published Oct 31, 2025
Nagios Log Server versions prior to 2024R1 contain an incorrect authorization vulnerability.... High Unreviewed
CVE-2023-7322 was published Oct 31, 2025
A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux... High Unreviewed
CVE-2025-6018 was published Jul 23, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2023-42860 was published Feb 21, 2024
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby... High Unreviewed
CVE-2020-26560 was published May 24, 2022
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby... High Unreviewed
CVE-2020-26559 was published May 24, 2022
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without... High Unreviewed
CVE-2020-26557 was published May 24, 2022
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2024-40770 was published Sep 17, 2024
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 16. A... High Unreviewed
CVE-2024-44162 was published Sep 17, 2024
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP... High Unreviewed
CVE-2023-46753 was published Oct 26, 2023
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-43387 was published Nov 4, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... High Unreviewed
CVE-2024-44289 was published Oct 28, 2024
In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access... High Unreviewed
CVE-2024-48651 was published Nov 29, 2024
A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.1... High Unreviewed
CVE-2024-44270 was published Oct 28, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2024-44196 was published Oct 28, 2024
This issue was addressed with improved data access restriction. This issue is fixed in visionOS 2... High Unreviewed
CVE-2025-24221 was published Apr 1, 2025
An authorization issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2025-24200 was published Feb 10, 2025
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially... High Unreviewed
CVE-2022-39958 was published Sep 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database