Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,883
Maven
5,000+
npm
4,522
NuGet
785
pip
4,262
Pub
12
RubyGems
975
Rust
1,105
Swift
49
Unreviewed advisories
All unreviewed
5,000+

1,396 advisories

Loading
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly... Moderate Unreviewed
CVE-2025-13193 was published Nov 17, 2025
An improper permissions vulnerability was reported in Lenovo App Store that could allow a local... High Unreviewed
CVE-2025-8485 was published Nov 12, 2025
An improper default permission vulnerability was reported in Lenovo Dock Manager that, under... Moderate Unreviewed
CVE-2025-8421 was published Nov 12, 2025
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system... High Unreviewed
CVE-2025-11567 was published Nov 12, 2025
Incorrect default permissions for some Intel(R) PresentMon before version 2.3.1 within Ring 3:... Moderate Unreviewed
CVE-2025-30518 was published Nov 11, 2025
Incorrect default permissions in some firmware for the Intel(R) Arc(TM) B-series GPUs within Ring... High Unreviewed
CVE-2025-32091 was published Nov 11, 2025
Incorrect default permissions for some Intel(R) Thread Director Visualizer software before... Moderate Unreviewed
CVE-2025-31940 was published Nov 11, 2025
Incorrect default permissions for the Intel(R) Processor Identification Utility before version 8... Moderate Unreviewed
CVE-2025-27246 was published Nov 11, 2025
Incorrect default permissions for some Intel(R) One Boot Flash Update (Intel(R) OFU) software... Moderate Unreviewed
CVE-2025-27711 was published Nov 11, 2025
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects... High Unreviewed
CVE-2025-13025 was published Nov 11, 2025
Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4... High Unreviewed
CVE-2025-10918 was published Nov 11, 2025
KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes Moderate
CVE-2025-64436 was published for kubevirt.io/kubevirt (Go) Nov 6, 2025
mihailkirov Faeris95
xpivarc
Credited to mihailkirov, Faeris95, and xpivarc
A privacy issue was addressed by moving sensitive data. This issue is fixed in watchOS 26.1, iOS... Moderate Unreviewed
CVE-2025-43507 was published Nov 4, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26... Moderate Unreviewed
CVE-2025-43444 was published Nov 4, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1... High Unreviewed
CVE-2025-43442 was published Nov 4, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1... High Unreviewed
CVE-2025-43350 was published Nov 4, 2025
Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows... High Unreviewed
CVE-2025-8432 was published Oct 27, 2025
An Insecure Permission vulnerability in pgcodekeeper 10.12.0 allows a local attacker to obtain... Moderate Unreviewed
CVE-2025-46185 was published Oct 24, 2025
A container privilege escalation flaw was found in certain Container-native Virtualization images... Moderate Unreviewed
CVE-2025-57848 was published Oct 23, 2025
Incorrect Default Permissions vulnerability in MongoDB BI Connector ODBC driver allows Privilege... High Unreviewed
CVE-2025-12100 was published Oct 23, 2025
NVIDIA Project G-Assist contains a vulnerability where an attacker might be able to escalate... High Unreviewed
CVE-2025-23347 was published Oct 23, 2025
Incorrect Default Permissions vulnerability in MongoDB Atlas SQL ODBC driver on Windows allows... High Unreviewed
CVE-2025-11575 was published Oct 23, 2025
A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems... Moderate Unreviewed
CVE-2025-58712 was published Oct 22, 2025
The seffaflik thru 0.0.9 is vulnerable to symlink attacks due to incorrect default permissions... High Unreviewed
CVE-2025-61035 was published Oct 22, 2025
Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - Thanks... Moderate Unreviewed
CVE-2025-62661 was published Oct 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database