Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,479
Maven
5,000+
npm
5,000+
NuGet
886
pip
4,740
Pub
13
RubyGems
1,031
Rust
1,225
Swift
53
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

650 advisories

Loading
Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment for Critical... High Unreviewed
CVE-2026-22768 was published Apr 1, 2026
In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate... High Unreviewed
CVE-2026-34352 was published Mar 27, 2026
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure ... High Unreviewed
CVE-2026-24291 was published Mar 10, 2026
IDC SFX2100 Satalite Recievers set the `/etc/resolv.conf` file to be world-writable by any local... High Unreviewed
CVE-2026-29125 was published Mar 5, 2026
Incorrect permission assignment (world-writable file) in /etc/udhcpc/default.script in... High Unreviewed
CVE-2026-29126 was published Mar 5, 2026
iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged... High Unreviewed
CVE-2026-2637 was published Mar 3, 2026
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File... High Unreviewed
CVE-2026-26096 was published Feb 20, 2026
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File... High Unreviewed
CVE-2026-26095 was published Feb 20, 2026
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File... High Unreviewed
CVE-2026-26102 was published Feb 20, 2026
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File... High Unreviewed
CVE-2026-26101 was published Feb 20, 2026
IBM Concert 1.0.0 through 2.1.0 could allow a local user with specific knowledge about the system... High Unreviewed
CVE-2025-33088 was published Feb 18, 2026
Glory RBG-100 recycler systems using the ISPK-08 software component contain multiple system... High Unreviewed
CVE-2026-23648 was published Feb 17, 2026
NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to... High Unreviewed
CVE-2019-25343 was published Feb 12, 2026
Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local... High Unreviewed
CVE-2019-25344 was published Feb 12, 2026
Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to... High Unreviewed
CVE-2025-61969 was published Feb 11, 2026
WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated... High Unreviewed
CVE-2020-36938 was published Jan 27, 2026
IBM Licensing Operator incorrectly assigns privileges to security critical files which could... High Unreviewed
CVE-2025-12985 was published Jan 20, 2026
Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that... High Unreviewed
CVE-2021-47756 was published Jan 16, 2026
TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers... High Unreviewed
CVE-2022-50931 was published Jan 14, 2026
AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to... High Unreviewed
CVE-2025-14979 was published Jan 6, 2026
TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that... High Unreviewed
CVE-2020-36916 was published Jan 6, 2026
Epic Games Psyonix Rocket League <=1.95 contains an insecure permissions vulnerability that... High Unreviewed
CVE-2021-47742 was published Dec 31, 2025
An incorrect NULL DACL issue exists in SevenCs ORCA G2 2.0.1.35 (EC2007 Kernel v5.22). The... High Unreviewed
CVE-2025-64699 was published Dec 31, 2025
inMusic Brands Engine DJ 4.3.0 suffers from Insecure Permissions due to exposed HTTP service in... High Unreviewed
CVE-2025-66723 was published Dec 30, 2025
Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows... High Unreviewed
CVE-2019-25245 was published Dec 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database