GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,256 advisories
An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0...
Moderate | Unreviewed | CVE-2025-8148 was published Dec 5, 2025

In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new...
High | Unreviewed | CVE-2025-20387 was published Dec 3, 2025

In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new...
High | Unreviewed | CVE-2025-20386 was published Dec 3, 2025

NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer...
High | Unreviewed | CVE-2025-64298 was published Dec 2, 2025

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure...
High | Unreviewed | CVE-2025-64642 was published Dec 2, 2025

NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user...
High | Unreviewed | CVE-2025-62575 was published Dec 2, 2025

Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due...
High | Unreviewed | CVE-2025-34323 was published Nov 17, 2025

A mechanism to bypass file system access protections in the sandbox using the file system request...
Critical | Unreviewed | CVE-2017-5456 was published May 13, 2022

A local privilege escalation vulnerability exists in the restore mechanism of ASUS System...
High | Unreviewed | CVE-2025-59373 was published Nov 25, 2025

In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the...
Moderate | Unreviewed | CVE-2025-64996 was published Nov 18, 2025

The Qualys Cloud Agent included a bundled uninstall script (qagent_uninstall.sh), specific to...
Moderate | Unreviewed | CVE-2025-43079 was published Nov 10, 2025

A vulnerability has been identified in POWER METER SICAM Q200 family (All versions < V2.70)....
Moderate | Unreviewed | CVE-2023-31238 was published Jun 13, 2023

A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The...
Moderate | Unreviewed | CVE-2024-32014 was published Nov 11, 2025

A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The...
High | Unreviewed | CVE-2024-32010 was published Nov 11, 2025

An ACAP configuration file has improper permissions, which could allow command injection and...
Moderate | Unreviewed | CVE-2025-6779 was published Nov 11, 2025

An ACAP configuration file has improper permissions and lacks input validation, which could...
Moderate | Unreviewed | CVE-2025-8108 was published Nov 11, 2025

Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets...
Moderate | Unreviewed | CVE-2025-34135 was published Oct 31, 2025

Nagios XI versions prior to 2024R2 contain an improperly owned script, process_perfdata.pl, which...
High | Unreviewed | CVE-2025-34287 was published Oct 31, 2025

Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary...
Critical | Unreviewed | CVE-2024-57520 was published Feb 6, 2025

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Mulesoft...
Moderate | Unreviewed | CVE-2025-64319 was published Nov 4, 2025

Incorrect Permission Assignment for Critical Resource vulnerability in Apache APISIX(java-plugin...
High | Unreviewed | CVE-2025-27446 was published Jul 6, 2025

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce...
Moderate | Unreviewed | CVE-2025-64322 was published Nov 4, 2025

A privacy issue was addressed with improved handling of files. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2024-23223 was published Jan 23, 2024

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS...
Moderate | Unreviewed | CVE-2023-42924 was published Dec 12, 2023

In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp.
Moderate | Unreviewed | CVE-2022-48257 was published Jan 13, 2023