Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,388 advisories

Loading
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23... High Unreviewed
CVE-2025-52873 was published Sep 19, 2025
Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This... Critical Unreviewed
CVE-2025-10643 was published Sep 17, 2025
Dragonfly's directories created via os.MkdirAll are not checked for permissions Low
CVE-2025-59349 was published for d7y.io/dragonfly/v2 (Go) Sep 17, 2025
gaius-qi
Credited to gaius-qi
IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged... Low Unreviewed
CVE-2025-0164 was published Sep 14, 2025
BenimPOS Masaustu 3.0.x is affected by insecure file permissions. The application installation... High Unreviewed
CVE-2025-57392 was published Sep 10, 2025
A vulnerability has been identified in SIMATIC Virtualization as a Service (SIVaaS) (All versions... Critical Unreviewed
CVE-2025-40804 was published Sep 9, 2025
A low-privileged remote attacker could gain unauthorized access to critical resources, such as... High Unreviewed
CVE-2025-41664 was published Sep 8, 2025
An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers.... Moderate Unreviewed
CVE-2025-10059 was published Sep 5, 2025
NVIDIA DOCA contains a vulnerability in the collectx-clxapidev Debian package that could allow an... High Unreviewed
CVE-2025-23257 was published Sep 5, 2025
NVIDIA DOCA contains a vulnerability in the collectx-dpeserver Debian package for arm64 that... High Unreviewed
CVE-2025-23258 was published Sep 5, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-43268 was published Aug 29, 2025
Local privilege escalation due to insecure folder permissions. The following products are... High Unreviewed
CVE-2025-9578 was published Aug 28, 2025
Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and... High Unreviewed
CVE-2025-53396 was published Aug 28, 2025
Dell ThinOS 10, versions prior to 2508_10.0127, contains an Incorrect Permission Assignment for... High Unreviewed
CVE-2025-43729 was published Aug 27, 2025
The configuration file containing database logins and passwords is readable by any local user. Critical Unreviewed
CVE-2025-30063 was published Aug 27, 2025
In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due... High Unreviewed
CVE-2025-0093 was published Aug 27, 2025
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior... Critical Unreviewed
CVE-2025-4609 was published Aug 22, 2025
Liferay Portal users are able to add system admin portlets to pages Moderate
CVE-2025-43759 was published for com.liferay:com.liferay.layout.impl (Maven) Aug 22, 2025
Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to... High Unreviewed
CVE-2025-52094 was published Aug 22, 2025
Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains an Incorrect Permission... Moderate Unreviewed
CVE-2025-38742 was published Aug 21, 2025
Insecure permissions in Agent-Zero v0.8.* allow attackers to arbitrarily reset the system via... High Unreviewed
CVE-2025-55524 was published Aug 21, 2025
Multiple Incorrect Permission Assignment for Critical Resource in UISP Application may allow a... High Unreviewed
CVE-2025-27216 was published Aug 21, 2025
IBM Edge Application Manager 4.5 could allow a local user to read or modify resources that they... Moderate Unreviewed
CVE-2025-1139 was published Aug 20, 2025
Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start... Critical Unreviewed
CVE-2025-8042 was published Aug 19, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 15.7 before 17.11.6, 18... Moderate Unreviewed
CVE-2025-5819 was published Aug 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database