GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,388 advisories
Windows Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2021-36934 was published May 24, 2022

A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6...
High | Unreviewed | CVE-2018-13374 was published May 13, 2022

Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation...
Critical | Unreviewed | CVE-2025-12004 was published Oct 21, 2025

A flaw was found in the OpenShift build process, where the docker-build container is configured...
High | Unreviewed | CVE-2024-45497 was published Dec 31, 2024

Liferay has Incorrect Permission Assignment for Critical Resource
Moderate | CVE-2025-62251 was published for com.liferay:com.liferay.site.navigation.menu.item.asset.vocabulary (Maven) Oct 14, 2025

A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with...
Moderate | Unreviewed | CVE-2025-31702 was published Oct 15, 2025

Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could...
Moderate | Unreviewed | CVE-2024-6360 was published Oct 2, 2024

An Incorrect Permission Assignment for Critical Resource vulnerability [CWE-732] in...
High | Unreviewed | CVE-2025-57741 was published Oct 14, 2025

ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via...
Moderate | Unreviewed | CVE-2020-24028 was published May 24, 2022

MacForge contains an insecure XPC service that allows local, unprivileged users to escalate their...
High | Unreviewed | CVE-2025-10751 was published Oct 4, 2025

Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions ...
High | Unreviewed | CVE-2025-2098 was published Mar 26, 2025

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions (rwxrwxrwx)....
Critical | Unreviewed | CVE-2025-1413 was published Feb 28, 2025

IBM Transformation Advisor 2.0.1 through 4.3.1 incorrectly assigns privileges to security...
Moderate | Unreviewed | CVE-2025-36193 was published Sep 29, 2025

Dragonfly's directories created via os.MkdirAll are not checked for permissions
Low | CVE-2025-59349 was published for d7y.io/dragonfly/v2 (Go) Sep 17, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and...
Moderate | Unreviewed | CVE-2025-34189 was published Sep 19, 2025

Liferay Portal Commerce component has Incorrect Permission Assignment for Critical Resource
Moderate | CVE-2025-43808 was published for com.liferay.commerce:com.liferay.commerce.product.type.virtual.service (Maven) Sep 19, 2025

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23...
High | Unreviewed | CVE-2025-54497 was published Sep 19, 2025

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23...
High | Unreviewed | CVE-2025-52873 was published Sep 19, 2025

Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This...
Critical | Unreviewed | CVE-2025-10643 was published Sep 17, 2025

IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged...
Low | Unreviewed | CVE-2025-0164 was published Sep 14, 2025

BenimPOS Masaustu 3.0.x is affected by insecure file permissions. The application installation...
High | Unreviewed | CVE-2025-57392 was published Sep 10, 2025

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents...
Moderate | Unreviewed | CVE-2024-55955 was published Dec 31, 2024

A vulnerability has been identified in SIMATIC Virtualization as a Service (SIVaaS) (All versions...
Critical | Unreviewed | CVE-2025-40804 was published Sep 9, 2025

A low-privileged remote attacker could gain unauthorized access to critical resources, such as...
High | Unreviewed | CVE-2025-41664 was published Sep 8, 2025

An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers....
Moderate | Unreviewed | CVE-2025-10059 was published Sep 5, 2025

ProTip! Advisories are also available from the GraphQL API