GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,413
Maven: 5,000+
npm: 5,000+
NuGet: 882
pip: 4,656
Pub: 13
RubyGems: 1,027
Rust: 1,209
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+
1,476 advisories
Duplicate Advisory: npm cli Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
High • CVE-2026-0775 was published for npm (npm) Jan 23, 2026 • withdrawn

Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10,...
Moderate • Unreviewed • CVE-2026-22280 was published Jan 22, 2026

A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could...
Moderate • Unreviewed • CVE-2026-20092 was published Jan 21, 2026

IBM Licensing Operator incorrectly assigns privileges to security critical files which could...
High • Unreviewed • CVE-2025-12985 was published Jan 20, 2026

Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that...
High • Unreviewed • CVE-2021-47756 was published Jan 16, 2026

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon...
Moderate • Unreviewed • CVE-2025-59961 was published Jan 15, 2026

TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers...
High • Unreviewed • CVE-2022-50931 was published Jan 14, 2026

The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded...
Critical • Unreviewed • CVE-2025-69426 was published Jan 9, 2026

AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to...
High • Unreviewed • CVE-2025-14979 was published Jan 6, 2026

TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that...
High • Unreviewed • CVE-2020-36916 was published Jan 6, 2026

Epic Games Psyonix Rocket League <=1.95 contains an insecure permissions vulnerability that...
High • Unreviewed • CVE-2021-47742 was published Dec 31, 2025

An incorrect NULL DACL issue exists in SevenCs ORCA G2 2.0.1.35 (EC2007 Kernel v5.22). The...
High • Unreviewed • CVE-2025-64699 was published Dec 31, 2025

inMusic Brands Engine DJ 4.3.0 suffers from Insecure Permissions due to exposed HTTP service in...
High • Unreviewed • CVE-2025-66723 was published Dec 30, 2025

Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows...
High • Unreviewed • CVE-2019-25245 was published Dec 24, 2025

VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability....
High • Unreviewed • CVE-2025-13703 was published Dec 24, 2025

Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to...
High • Unreviewed • CVE-2022-50690 was published Dec 23, 2025

AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate...
High • Unreviewed • CVE-2023-53949 was published Dec 19, 2025

A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service....
High • Unreviewed • CVE-2025-13941 was published Dec 19, 2025

Freedombox before 25.17.1 does not set proper permissions for the backups-data directory,...
Low • Unreviewed • CVE-2025-68462 was published Dec 18, 2025

An issue was discovered in DriveLock 24.1 through 24.1.*, 24.2 before 24.2.8, and 25.1 before 25...
Moderate • Unreviewed • CVE-2025-67794 was published Dec 18, 2025

Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an...
High • Unreviewed • CVE-2025-34288 was published Dec 17, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate • Unreviewed • CVE-2025-43470 was published Dec 12, 2025

BuhoNTFS contains an insecure XPC service that allows local, unprivileged users to escalate their...
High • Unreviewed • CVE-2025-13733 was published Dec 12, 2025

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP4)....
Low • Unreviewed • CVE-2025-40818 was published Dec 9, 2025

An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0...
Moderate • Unreviewed • CVE-2025-8148 was published Dec 5, 2025
ProTip! Advisories are also available from the GraphQL API