Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,883
Maven
5,000+
npm
4,522
NuGet
785
pip
4,262
Pub
12
RubyGems
975
Rust
1,105
Swift
49
Unreviewed advisories
All unreviewed
5,000+

1,396 advisories

Loading
filebrowser Sets Insecure File Permissions Moderate
CVE-2025-52900 was published for github.com/filebrowser/filebrowser (Go) Jun 27, 2025
mtausig hacdias
Credited to mtausig and hacdias
pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user... Critical Unreviewed
CVE-2014-7210 was published Jun 26, 2025
A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local... Moderate Unreviewed
CVE-2025-39201 was published Jun 24, 2025
The Postbox's configuration on macOS, specifically the presence of entitlements: "com.apple... Moderate Unreviewed
CVE-2025-5963 was published Jun 20, 2025
The Phoenix Code's configuration on macOS, specifically the presence of entitlements: "com.apple... Moderate Unreviewed
CVE-2025-5255 was published Jun 20, 2025
Velociraptor vulnerable to privilege escalation via UpdateConfig artifact Moderate
CVE-2025-6264 was published for www.velocidex.com/golang/velociraptor (Go) Jun 20, 2025
Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed... Critical Unreviewed
CVE-2025-6179 was published Jun 16, 2025
In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non... High Unreviewed
CVE-2025-36632 was published Jun 16, 2025
An incorrect default permissions vulnerability was reported in the MotoSignature application that... Low Unreviewed
CVE-2025-1699 was published Jun 11, 2025
A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected... Critical Unreviewed
CVE-2025-40585 was published Jun 10, 2025
Local privilege escalation due to insecure file permissions. The following products are affected:... Moderate Unreviewed
CVE-2025-48959 was published Jun 4, 2025
Incorrect default permissions issue in PC Time Tracer prior to 5.2. If exploited, arbitrary code... High Unreviewed
CVE-2025-46355 was published Jun 3, 2025
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free... High Unreviewed
CVE-2025-23105 was published Jun 2, 2025
An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow... High Unreviewed
CVE-2025-2502 was published May 30, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in... Moderate Unreviewed
CVE-2025-31261 was published May 30, 2025
Use of entitlement "com.apple.security.cs.disable-library-validation" and lack of launch and... Moderate Unreviewed
CVE-2025-4081 was published May 29, 2025
In some cases, Kea log files or lease files may be world-readable. This issue affects Kea... Moderate Unreviewed
CVE-2025-32803 was published May 28, 2025
On macOS systems, by utilizing a Launch Agent and loading the viscosity_openvpn process from the... Moderate Unreviewed
CVE-2025-4412 was published May 27, 2025
The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622,... Moderate Unreviewed
CVE-2025-46803 was published May 26, 2025
Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of... Moderate Unreviewed
CVE-2024-13948 was published May 22, 2025
An insecure file system permissions vulnerability in MSP360 Backup 8.0 allows a low privileged... High Unreviewed
CVE-2025-43596 was published May 22, 2025
Incorrect default permissions in some Intel(R) Gaudi(R) software installers before version 1.18... Moderate Unreviewed
CVE-2024-45067 was published May 15, 2025
Incorrect Default Permissions for some Intel(R) RealSense™ SDK software before version 2.56.2 may... Moderate Unreviewed
CVE-2025-20095 was published May 13, 2025
Incorrect default permissions for some Intel(R) Graphics Driver installers may allow an... Moderate Unreviewed
CVE-2024-28954 was published May 13, 2025
Incorrect default permissions for some Endurance Gaming Mode software installers may allow an... Moderate Unreviewed
CVE-2024-47550 was published May 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database