Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,336 advisories

Loading
The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622,... Moderate Unreviewed
CVE-2025-46803 was published May 26, 2025
On macOS systems, by utilizing a Launch Agent and loading the viscosity_openvpn process from the... Moderate Unreviewed
CVE-2025-4412 was published May 27, 2025
Rancher Webhook is misconfigured during upgrade process Critical
CVE-2023-22651 was published for github.com/rancher/rancher (Go) Apr 24, 2023
pjbgf
An issue was discovered in BeyondTrust Privilege Management for Mac before 5.7. An authenticated,... High Unreviewed
CVE-2021-3187 was published Dec 12, 2023
A vulnerability has been found in trampgeek jobe up to 1.6.4 and classified as problematic. This... Critical Unreviewed
CVE-2021-4297 was published Jan 1, 2023
In some cases, Kea log files or lease files may be world-readable. This issue affects Kea... Moderate Unreviewed
CVE-2025-32803 was published May 28, 2025
Liferay Portal and Liferay DXP Don't Check Permissions of Pages Moderate
CVE-2021-33324 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022
Liferay Portal and Liferay DXP Fails to Check User Permissions for Workflow Submissions Moderate
CVE-2021-33333 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022
Use of entitlement "com.apple.security.cs.disable-library-validation" and lack of launch and... Moderate Unreviewed
CVE-2025-4081 was published May 29, 2025
In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials... Moderate Unreviewed
CVE-2023-40076 was published Dec 5, 2023
There is elevation of privilege. Critical Unreviewed
CVE-2023-21216 was published Dec 5, 2023
An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow... High Unreviewed
CVE-2025-2502 was published May 30, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in... Moderate Unreviewed
CVE-2025-31261 was published May 30, 2025
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free... High Unreviewed
CVE-2025-23105 was published Jun 2, 2025
Incorrect default permissions issue in PC Time Tracer prior to 5.2. If exploited, arbitrary code... High Unreviewed
CVE-2025-46355 was published Jun 3, 2025
Local privilege escalation due to insecure file permissions. The following products are affected:... Moderate Unreviewed
CVE-2025-48959 was published Jun 4, 2025
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y... Moderate Unreviewed
CVE-2024-23301 was published Jan 13, 2024
A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected... Critical Unreviewed
CVE-2025-40585 was published Jun 10, 2025
An incorrect default permissions vulnerability was reported in the MotoSignature application that... Low Unreviewed
CVE-2025-1699 was published Jun 11, 2025
In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non... High Unreviewed
CVE-2025-36632 was published Jun 16, 2025
Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed... Critical Unreviewed
CVE-2025-6179 was published Jun 16, 2025
The Postbox's configuration on macOS, specifically the presence of entitlements: "com.apple... Moderate Unreviewed
CVE-2025-5963 was published Jun 20, 2025
The Phoenix Code's configuration on macOS, specifically the presence of entitlements: "com.apple... Moderate Unreviewed
CVE-2025-5255 was published Jun 20, 2025
Velociraptor vulnerable to privilege escalation via UpdateConfig artifact Moderate
CVE-2025-6264 was published for www.velocidex.com/golang/velociraptor (Go) Jun 20, 2025
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio... Moderate Unreviewed
CVE-2022-4964 was published Jan 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database