GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,547
Composer 4,835
Erlang 36
GitHub Actions 33
Go 2,452
Maven 5,863
npm 4,077
NuGet 723
pip 3,869
Pub 12
RubyGems 943
Rust 1,010
Swift 39

Unreviewed advisories

All unreviewed 266,623

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,336 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM Edge Application Manager 4.5 could allow a local user to read or modify resources that they... Moderate Unreviewed

CVE-2025-1139 was published Aug 20, 2025

Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start... Critical Unreviewed

CVE-2025-8042 was published Aug 19, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 15.7 before 17.11.6, 18... Moderate Unreviewed

CVE-2025-5819 was published Aug 13, 2025

GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file... High Unreviewed

CVE-2025-50675 was published Aug 7, 2025

Permission control vulnerability in the distributed clipboard module. Impact: Successful... Moderate Unreviewed

CVE-2025-54618 was published Aug 6, 2025

LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows... Critical Unreviewed

CVE-2025-46093 was published Aug 5, 2025

A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime... High Unreviewed

CVE-2025-41659 was published Aug 4, 2025

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where it allows a guest... Moderate Unreviewed

CVE-2025-23285 was published Aug 3, 2025

Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view... Critical Unreviewed

CVE-2025-45150 was published Aug 1, 2025

Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a... Critical Unreviewed

CVE-2014-125121 was published Jul 31, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed

CVE-2025-43266 was published Jul 30, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed

CVE-2025-43247 was published Jul 30, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed

CVE-2025-43243 was published Jul 30, 2025

An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues... Critical Unreviewed

CVE-2025-26469 was published Jul 28, 2025

The Marathon UI in DC/OS < 1.9.0 allows unauthenticated users to deploy arbitrary Docker... Critical Unreviewed

CVE-2017-20198 was published Jul 23, 2025

IBM Storage Scale 5.2.3.0 and 5.2.3.1 could allow an authenticated user to obtain sensitive... Moderate Unreviewed

CVE-2025-36104 was published Jul 12, 2025

Enables an authenticated user (enrolled device) to access a service protected by Sentry even if... Moderate Unreviewed

CVE-2023-39338 was published Jul 12, 2025

Incorrect Permission Assignment for Critical Resource vulnerability in Apache APISIX(java-plugin... High Unreviewed

CVE-2025-27446 was published Jul 6, 2025

The Nix, Lix, and Guix package managers fail to properly set permissions when a derivation build... Low Unreviewed

CVE-2025-52992 was published Jun 27, 2025

Canon EOS Webcam Utility Pro for MAC OS version 2.3d (2.3.29) and earlier contains an improper... Moderate Unreviewed

CVE-2025-5995 was published Jun 26, 2025

Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of... High Unreviewed

CVE-2025-36537 was published Jun 26, 2025

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with... Moderate Unreviewed

CVE-2024-11584 was published Jun 26, 2025

Sangfor aTrust through 2.4.10 allows users to modify the ExecStartPre command. Moderate Unreviewed

CVE-2025-52923 was published Jun 22, 2025

Local privilege escalation due to insecure folder permissions. The following products are... High Unreviewed

CVE-2025-48961 was published Jun 4, 2025

IBM Application Gateway 19.12 through 24.09 could allow a local privileged user to perform... Moderate Unreviewed

CVE-2024-45655 was published Jun 3, 2025

Previous 1 2 3 4 5 … 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,336 advisories