GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10 advisories
Deno has --allow-read / --allow-write permission bypass in `node:sqlite`
Moderate
CVE-2025-48935
was published
for
deno
(Rust)
Jun 4, 2025
Deno run with --allow-read and --deny-read flags results in allowed
Moderate
CVE-2025-48888
was published
for
deno
(Rust)
Jun 4, 2025
tendermint-rs's Light Client Verifier allows malicious validators to spoof votes from other validators
High
GHSA-6jrf-4jv4-r9mw
was published
for
tendermint-light-client-verifier
(Rust)
Apr 9, 2025
Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods
Low
CVE-2025-27512
was published
for
zincati
(Rust)
Mar 17, 2025
matrix-sdk-crypto's `UserIdentity::is_verified` not checking verification status of own user identity while performing the check
Moderate
CVE-2024-40648
was published
for
matrix-sdk-crypto
(Rust)
Jul 18, 2024
Deno permission escalation vulnerability via open of privileged files with missing `--deny` flag
High
CVE-2024-34346
was published
for
deno
(Rust)
May 8, 2024
Deno arbitrary file descriptor close via `op_node_ipc_pipe()` leading to permission prompt bypass
High
CVE-2024-27933
was published
for
deno
(Rust)
Mar 6, 2024
Sandbox bypass leading to arbitrary code execution in Deno
Critical
CVE-2022-24783
was published
for
deno
(Rust)
Mar 29, 2022
Deno's static imports inside dynamically imported modules do not adhere to permission checks
Critical
CVE-2021-32619
was published
for
deno
(Rust)
Sep 23, 2021
ProTip!
Advisories are also available from the
GraphQL API