Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,883
Maven
5,000+
npm
4,522
NuGet
785
pip
4,262
Pub
12
RubyGems
975
Rust
1,105
Swift
49
Unreviewed advisories
All unreviewed
5,000+

1,396 advisories

Loading
ETERNUS SF provided by Fsas Technologies Inc. contains an incorrect default permissions... High Unreviewed
CVE-2025-62577 was published Oct 20, 2025
Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki -... Moderate Unreviewed
CVE-2025-62668 was published Oct 18, 2025
Newforma Info Exchange (NIX) before version 2023.1 by default allows anonymous authentication... Moderate Unreviewed
CVE-2025-35062 was published Oct 9, 2025
MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install... High Unreviewed
CVE-2025-11535 was published Oct 9, 2025
CVE-2025-54086 is an excess permissions vulnerability in the Warehouse component of Absolute... Moderate Unreviewed
CVE-2025-54086 was published Oct 2, 2025
NVIDIA Installer for NvAPP for Windows contains a vulnerability in the FrameviewSDK installation... High Unreviewed
CVE-2025-23297 was published Oct 2, 2025
A container privilege escalation flaw was found in KServe ModelMesh container images. This issue... Moderate Unreviewed
CVE-2025-57852 was published Sep 30, 2025
Rapid7 Appspider Pro versions below 7.5.021, suffer from a broken access control vulnerability in... Low Unreviewed
CVE-2025-36857 was published Sep 25, 2025
A local attacker with low privileges on the Windows system where the software is installed can... Moderate Unreviewed
CVE-2025-53947 was published Sep 18, 2025
Dragonfly's directories created via os.MkdirAll are not checked for permissions Low
CVE-2025-59349 was published for d7y.io/dragonfly/v2 (Go) Sep 17, 2025
gaius-qi
Credited to gaius-qi
CYRISMA Sensor before 444 for Windows has an Insecure Folder and File Permissions vulnerability.... High Unreviewed
CVE-2025-57625 was published Sep 16, 2025
Certain files with overly permissive permissions were identified in the out-of-support Control-M... Moderate Unreviewed
CVE-2025-55111 was published Sep 16, 2025
Dell PowerProtect Data Manager, Generic Application Agent, version(s) 19.19 and 19.20, contain(s)... High Unreviewed
CVE-2025-43725 was published Sep 10, 2025
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Incorrect... High Unreviewed
CVE-2025-43887 was published Sep 10, 2025
An Incorrect File Handling Permission bug exists on the N-central Windows Agent and Probe that,... High Unreviewed
CVE-2025-10231 was published Sep 10, 2025
In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input... Moderate Unreviewed
CVE-2025-22425 was published Sep 4, 2025
Apache DolphinScheduler Incorrect Default Permissions Vulnerability Low
CVE-2024-43166 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Sep 3, 2025
Multiple i-フィルター products contain an issue with incorrect default permissions. If this... High Unreviewed
CVE-2025-57846 was published Aug 27, 2025
The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local... Moderate Unreviewed
CVE-2025-9190 was published Aug 26, 2025
The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local... Moderate Unreviewed
CVE-2025-53811 was published Aug 26, 2025
The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local... Moderate Unreviewed
CVE-2025-53813 was published Aug 26, 2025
An improper permission vulnerability was reported in Lenovo PC Manager that could allow a local... High Unreviewed
CVE-2025-8098 was published Aug 18, 2025
Incorrect default permissions for some Intel(R) Distribution for Python software installers... Moderate Unreviewed
CVE-2025-26470 was published Aug 12, 2025
Incorrect default permissions for some AI Playground software before version v2.3.0 alpha may... Moderate Unreviewed
CVE-2025-27559 was published Aug 12, 2025
Incorrect default permissions for some Intel(R) oneAPI DPC++/C++ Compiler software installers may... Moderate Unreviewed
CVE-2025-20087 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database