Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,790
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,994
NuGet
720
pip
3,783
Pub
12
RubyGems
927
Rust
982
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

412 advisories

Loading
A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local... Moderate Unreviewed
CVE-2025-39201 was published Jun 24, 2025
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio... Moderate Unreviewed
CVE-2022-4964 was published Jan 24, 2024
The Phoenix Code's configuration on macOS, specifically the presence of entitlements: "com.apple... Moderate Unreviewed
CVE-2025-5255 was published Jun 20, 2025
The Postbox's configuration on macOS, specifically the presence of entitlements: "com.apple... Moderate Unreviewed
CVE-2025-5963 was published Jun 20, 2025
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y... Moderate Unreviewed
CVE-2024-23301 was published Jan 13, 2024
Local privilege escalation due to insecure file permissions. The following products are affected:... Moderate Unreviewed
CVE-2025-48959 was published Jun 4, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in... Moderate Unreviewed
CVE-2025-31261 was published May 30, 2025
In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials... Moderate Unreviewed
CVE-2023-40076 was published Dec 5, 2023
Use of entitlement "com.apple.security.cs.disable-library-validation" and lack of launch and... Moderate Unreviewed
CVE-2025-4081 was published May 29, 2025
In some cases, Kea log files or lease files may be world-readable. This issue affects Kea... Moderate Unreviewed
CVE-2025-32803 was published May 28, 2025
On macOS systems, by utilizing a Launch Agent and loading the viscosity_openvpn process from the... Moderate Unreviewed
CVE-2025-4412 was published May 27, 2025
The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622,... Moderate Unreviewed
CVE-2025-46803 was published May 26, 2025
Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of... Moderate Unreviewed
CVE-2024-13948 was published May 22, 2025
Incorrect default permissions in some Intel(R) Gaudi(R) software installers before version 1.18... Moderate Unreviewed
CVE-2024-45067 was published May 15, 2025
Incorrect Default Permissions for some Intel(R) RealSense™ SDK software before version 2.56.2 may... Moderate Unreviewed
CVE-2025-20095 was published May 13, 2025
Incorrect default permissions for some Endurance Gaming Mode software installers may allow an... Moderate Unreviewed
CVE-2024-47550 was published May 13, 2025
Incorrect default permissions for some Intel(R) Graphics Driver installers may allow an... Moderate Unreviewed
CVE-2024-28954 was published May 13, 2025
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers (running... Moderate Unreviewed
CVE-2022-36439 was published Oct 18, 2022
Permission control vulnerability in the contacts module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2025-46586 was published May 6, 2025
Permission control vulnerability in the media library module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-46587 was published May 6, 2025
Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may... Moderate Unreviewed
CVE-2021-33166 was published Feb 11, 2022
Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged... Moderate Unreviewed
CVE-2021-0093 was published Feb 11, 2022
In buzzBeepBlinkLocked of NotificationManagerService.java, there is a possible way to share data... Moderate Unreviewed
CVE-2022-20448 was published Nov 9, 2022
In dismiss and related functions of KeyguardHostViewController.java and related files, there is a... Moderate Unreviewed
CVE-2022-20465 was published Nov 9, 2022
There is a vulnerability in permission verification during the Bluetooth pairing process.... Moderate Unreviewed
CVE-2022-44548 was published Nov 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database