GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
632 advisories

A potential vulnerability has been identified in the system BIOS for certain HP PC products which...
High • Unreviewed • CVE-2022-37018 was published Dec 12, 2022

Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access...
High • Unreviewed • CVE-2025-42598 was published Apr 28, 2025

RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12,...
High • Unreviewed • CVE-2022-46382 was published Dec 6, 2022

In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to...
High • Unreviewed • CVE-2022-20495 was published Dec 13, 2022

In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System...
High • Unreviewed • CVE-2022-20474 was published Dec 13, 2022

In test of ResetTargetTaskHelper.java, there is a possible hijacking of any app which sets...
High • Unreviewed • CVE-2022-20475 was published Dec 13, 2022

Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation...
High • Unreviewed • CVE-2016-6914 was published May 13, 2022

MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote...
High • Unreviewed • CVE-2017-16522 was published May 13, 2022

HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak...
High • Unreviewed • CVE-2017-11741 was published May 13, 2022

Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions ...
High • Unreviewed • CVE-2017-11156 was published May 13, 2022

Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an...
High • Unreviewed • CVE-2017-8625 was published May 13, 2022

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). ...
High • Unreviewed • CVE-2025-30706 was published Apr 15, 2025

When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8...
High • Unreviewed • CVE-2025-24914 was published Apr 18, 2025

A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. When the...
High • Unreviewed • CVE-2025-3617 was published Apr 15, 2025

Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted...
High • Unreviewed • CVE-2022-29909 was published Dec 22, 2022

Vulnerability in the RAS Security component of Oracle Database Server. Supported versions that...
High • Unreviewed • CVE-2025-30701 was published Apr 15, 2025

When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple...
High • Unreviewed • CVE-2022-3155 was published Dec 22, 2022

An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products....
High • Unreviewed • CVE-2019-9579 was published Dec 26, 2022

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and...
High • Unreviewed • CVE-2016-5425 was published May 13, 2022

Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business...
High • Unreviewed • CVE-2016-3943 was published May 13, 2022

Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering...
High • Unreviewed • CVE-2015-7378 was published May 13, 2022

Withdrawn Advisory: Mobile Security Framework (MobSF) Vulnerable to Insecure Permissions
High • CVE-2023-42261 was published for mobsf (pip) Sep 22, 2023 • withdrawn

An Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows...
High • Unreviewed • CVE-2025-23386 was published Apr 10, 2025

The system has a vulnerability that may cause dynamic hiding and restoring of app icons...
High • Unreviewed • CVE-2022-46761 was published Jan 6, 2023

Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to...
High • Unreviewed • CVE-2024-0259 was published Mar 28, 2024

ProTip! Advisories are also available from the GraphQL API.