Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,096 advisories

Loading
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Moderate Unreviewed
CVE-2025-21502 was published Jan 21, 2025
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before... Moderate Unreviewed
CVE-2023-29818 was published May 12, 2023
In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade... Moderate Unreviewed
CVE-2023-21116 was published May 16, 2023
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before... Moderate Unreviewed
CVE-2023-29819 was published May 12, 2023
Incorrect permission check in Jenkins GitLab Plugin allows enumerating credentials IDs Moderate
CVE-2025-24397 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) Jan 22, 2025
Disabled permissions can be granted by Folder-based in Jenkins Authorization Strategy Plugin Moderate
CVE-2025-24401 was published for io.jenkins.plugins:folder-auth (Maven) Jan 22, 2025
Versions of Sage 300 through 2022 implement role-based access controls that are only enforced... Moderate Unreviewed
CVE-2023-29927 was published Jul 6, 2023
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Moderate Unreviewed
CVE-2025-21540 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Moderate Unreviewed
CVE-2025-21519 was published Jan 21, 2025
Vulnerability in the PeopleSoft Enterprise FIN eSettlements product of Oracle PeopleSoft ... Moderate Unreviewed
CVE-2025-21539 was published Jan 21, 2025
Vulnerability in the PeopleSoft Enterprise FIN Cash Management product of Oracle PeopleSoft ... Moderate Unreviewed
CVE-2025-21537 was published Jan 21, 2025
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... Moderate Unreviewed
CVE-2025-21533 was published Jan 21, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... Moderate Unreviewed
CVE-2025-21517 was published Jan 21, 2025
In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in... Moderate Unreviewed
CVE-2025-24460 was published Jan 21, 2025
Apache Pulsar: Improper Authorization For Topic-Level Policy Management Moderate
CVE-2024-28098 was published for org.apache.pulsar:pulsar-broker (Maven) Mar 12, 2024
oscerd
Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote... Moderate Unreviewed
CVE-2023-27384 was published May 23, 2023
Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions Moderate
CVE-2022-36109 was published for github.com/docker/docker (Go) Sep 16, 2022
sjmurdoch neersighted
anonymous-nlp-student
Canlineapp Online 1.1 is vulnerable to Broken Access Control and allows users with the Auditor... Moderate Unreviewed
CVE-2024-56114 was published Jan 9, 2025
On-Premises Data Gateway Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21403 was published Jan 14, 2025
Incorrect Authorization vulnerability in Drupal Responsive and off-canvas menu allows Forceful... Moderate Unreviewed
CVE-2024-13266 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal OhDear Integration allows Forceful Browsing.This... Moderate Unreviewed
CVE-2024-13290 was published Jan 9, 2025
OX App Suite before backend 7.10.6-rev37 allows authenticated users to bypass access controls ... Moderate Unreviewed
CVE-2023-24600 was published May 29, 2023
Incorrect Authorization vulnerability in Drupal Pages Restriction Access allows Forceful Browsing... Moderate Unreviewed
CVE-2024-13302 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Commerce View Receipt allows Forceful Browsing... Moderate Unreviewed
CVE-2024-13257 was published Jan 9, 2025
A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html... Moderate Unreviewed
CVE-2023-23604 was published Jun 2, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database