Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,838
Erlang
36
GitHub Actions
33
Go
2,460
Maven
5,000+
npm
4,082
NuGet
723
pip
3,872
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+

648 advisories

Loading
Multiple Incorrect Permission Assignment for Critical Resource in UISP Application may allow a... High Unreviewed
CVE-2025-27216 was published Aug 21, 2025
Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default High
CVE-2024-7594 was published for github.com/hashicorp/vault (Go) Sep 26, 2024
westonsteimel cipherboy
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 specifies permissions for a security-critical... High Unreviewed
CVE-2019-4702 was published May 24, 2022
GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file... High Unreviewed
CVE-2025-50675 was published Aug 7, 2025
A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime... High Unreviewed
CVE-2025-41659 was published Aug 4, 2025
Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows... High Unreviewed
CVE-2023-35841 was published May 14, 2024
A flaw was found in the OpenShift build process, where the docker-build container is configured... High Unreviewed
CVE-2024-45497 was published Dec 31, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in Apache APISIX(java-plugin... High Unreviewed
CVE-2025-27446 was published Jul 6, 2025
Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of... High Unreviewed
CVE-2025-36537 was published Jun 26, 2025
Local privilege escalation due to insecure folder permissions. The following products are... High Unreviewed
CVE-2025-48961 was published Jun 4, 2025
Permission management vulnerability in the multi-screen interaction module. Successful... High Unreviewed
CVE-2023-52116 was published Jan 16, 2024
In Universal Forwarder for Windows versions below 9.4.2, 9.3.4, 9.2.6, and 9.1.9, a new... High Unreviewed
CVE-2025-20298 was published Jun 2, 2025
Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to... High Unreviewed
CVE-2022-40298 was published Sep 25, 2022
A Privilege Escalation vulnerability has been found in ProactivaNet v3.24.0.0 from Grupo Espiral... High Unreviewed
CVE-2025-40672 was published May 26, 2025
Insecure permissions in autodeploy-layer v1.2.0 allows attackers to escalate privileges and... High Unreviewed
CVE-2025-45472 was published May 22, 2025
Insecure permissions in measure-cold-start v1.4.1 allows attackers to escalate privileges and... High Unreviewed
CVE-2025-45471 was published May 22, 2025
Insecure permissions in fc-stable-diffusion-plus v1.0.18 allows attackers to escalate privileges... High Unreviewed
CVE-2025-45468 was published May 22, 2025
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework... High Unreviewed
CVE-2025-3944 was published May 22, 2025
GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-2759 was published May 22, 2025
The Versa Concerto SD-WAN orchestration platform is vulnerable to an privileges escalation and... High Unreviewed
CVE-2025-34025 was published May 22, 2025
If folder security is misconfigured for Actian Zen PSQL BEFORE Patch Update 1 for Zen 15 SP1 (v15... High Unreviewed
CVE-2022-40756 was published Oct 1, 2022
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions).... High Unreviewed
CVE-2025-40574 was published May 13, 2025
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions),... High Unreviewed
CVE-2025-24009 was published May 13, 2025
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms... High Unreviewed
CVE-2023-24626 was published Apr 8, 2023
IXON VPN Client before 1.4.4 on Windows allows Local Privilege Escalation to SYSTEM because there... High Unreviewed
CVE-2025-26169 was published May 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database