Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,783
Erlang
36
GitHub Actions
29
Go
2,353
Maven
5,000+
npm
3,977
NuGet
720
pip
3,774
Pub
12
RubyGems
923
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

482 advisories

Loading
A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local... Moderate Unreviewed
CVE-2025-39201 was published Jun 24, 2025
The Postbox's configuration on macOS, specifically the presence of entitlements: "com.apple... Moderate Unreviewed
CVE-2025-5963 was published Jun 20, 2025
The Phoenix Code's configuration on macOS, specifically the presence of entitlements: "com.apple... Moderate Unreviewed
CVE-2025-5255 was published Jun 20, 2025
Velociraptor vulnerable to privilege escalation via UpdateConfig artifact Moderate
CVE-2025-6264 was published for www.velocidex.com/golang/velociraptor (Go) Jun 20, 2025
Local privilege escalation due to insecure file permissions. The following products are affected:... Moderate Unreviewed
CVE-2025-48959 was published Jun 4, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in... Moderate Unreviewed
CVE-2025-31261 was published May 30, 2025
Use of entitlement "com.apple.security.cs.disable-library-validation" and lack of launch and... Moderate Unreviewed
CVE-2025-4081 was published May 29, 2025
In some cases, Kea log files or lease files may be world-readable. This issue affects Kea... Moderate Unreviewed
CVE-2025-32803 was published May 28, 2025
On macOS systems, by utilizing a Launch Agent and loading the viscosity_openvpn process from the... Moderate Unreviewed
CVE-2025-4412 was published May 27, 2025
The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622,... Moderate Unreviewed
CVE-2025-46803 was published May 26, 2025
Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of... Moderate Unreviewed
CVE-2024-13948 was published May 22, 2025
Incorrect default permissions in some Intel(R) Gaudi(R) software installers before version 1.18... Moderate Unreviewed
CVE-2024-45067 was published May 15, 2025
Incorrect Default Permissions for some Intel(R) RealSense™ SDK software before version 2.56.2 may... Moderate Unreviewed
CVE-2025-20095 was published May 13, 2025
Incorrect default permissions for some Intel(R) Graphics Driver installers may allow an... Moderate Unreviewed
CVE-2024-28954 was published May 13, 2025
Incorrect default permissions for some Endurance Gaming Mode software installers may allow an... Moderate Unreviewed
CVE-2024-47550 was published May 13, 2025
Permission control vulnerability in the media library module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-46587 was published May 6, 2025
Permission control vulnerability in the contacts module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2025-46586 was published May 6, 2025
The Simple Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-11088 was published Apr 5, 2025
The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory... Moderate Unreviewed
CVE-2025-2781 was published Mar 29, 2025
The WatchGuard Terminal Services Agent on Windows does not properly configure directory... Moderate Unreviewed
CVE-2025-2782 was published Mar 29, 2025
Libcontainer is affected by capabilities elevation similar to GHSA-f3fp-gc8g-vw66 Moderate
CVE-2025-27612 was published for libcontainer (Rust) Mar 21, 2025
YJDoc2 utam0k
jprendes
This issue was addressed through improved state management. This issue is fixed in visionOS 1.3,... Moderate Unreviewed
CVE-2024-54564 was published Mar 21, 2025
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration... Moderate Unreviewed
CVE-2025-27926 was published Mar 11, 2025
Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission... Moderate Unreviewed
CVE-2025-21106 was published Feb 20, 2025
Incorrect default permissions for some Intel(R) GPA and Intel(R) GPA Framework software... Moderate Unreviewed
CVE-2024-42419 was published Feb 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database