Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,426
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,670
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+

1,476 advisories

Loading
On affected platforms, a restricted user could break out of the CLI sandbox to the system shell... High Unreviewed
CVE-2025-54545 was published Oct 30, 2025
On affected platforms, restricted users could use SSH port forwarding to access host-internal... High Unreviewed
CVE-2025-54546 was published Oct 30, 2025
An incorrect permission assignment for a critical resource vulnerability was discovered in... Moderate Unreviewed
CVE-2025-62688 was published Oct 24, 2025
Mattermost Server allows System Admin to modify LDAP account names and email addresses Low
CVE-2016-11077 was published for github.com/mattermost/mattermost-server (Go) May 24, 2022
Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30... High Unreviewed
CVE-2021-23874 was published May 24, 2022
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing... High Unreviewed
CVE-2019-15752 was published May 24, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege... High Unreviewed
CVE-2022-22960 was published Apr 14, 2022
Windows Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-36934 was published May 24, 2022
A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6... High Unreviewed
CVE-2018-13374 was published May 13, 2022
Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation... Critical Unreviewed
CVE-2025-12004 was published Oct 21, 2025
A flaw was found in the OpenShift build process, where the docker-build container is configured... High Unreviewed
CVE-2024-45497 was published Dec 31, 2024
Liferay has Incorrect Permission Assignment for Critical Resource Moderate
CVE-2025-62251 was published for com.liferay:com.liferay.site.navigation.menu.item.asset.vocabulary (Maven) Oct 14, 2025
A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with... Moderate Unreviewed
CVE-2025-31702 was published Oct 15, 2025
Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could... Moderate Unreviewed
CVE-2024-6360 was published Oct 2, 2024
An Incorrect Permission Assignment for Critical Resource vulnerability [CWE-732] in... High Unreviewed
CVE-2025-57741 was published Oct 14, 2025
ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via... Moderate Unreviewed
CVE-2020-24028 was published May 24, 2022
Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions ... High Unreviewed
CVE-2025-2098 was published Mar 26, 2025
DaVinci Resolve on MacOS was found to be installed with incorrect file permissions (rwxrwxrwx).... Critical Unreviewed
CVE-2025-1413 was published Feb 28, 2025
IBM Transformation Advisor 2.0.1 through 4.3.1 incorrectly assigns privileges to security... Moderate Unreviewed
CVE-2025-36193 was published Sep 29, 2025
Dragonfly's directories created via os.MkdirAll are not checked for permissions Low
CVE-2025-59349 was published for d7y.io/dragonfly/v2 (Go) Sep 17, 2025
gaius-qi Credited to gaius-qi
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and... Moderate Unreviewed
CVE-2025-34189 was published Sep 19, 2025
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23... High Unreviewed
CVE-2025-52873 was published Sep 19, 2025
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23... High Unreviewed
CVE-2025-54497 was published Sep 19, 2025
Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This... Critical Unreviewed
CVE-2025-10643 was published Sep 17, 2025
IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged... Low Unreviewed
CVE-2025-0164 was published Sep 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database