GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
111 advisories
An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly...
Critical | Unreviewed | CVE-2026-21902 was published Feb 25, 2026
A security issue has been identified in ibaPDA that could allow unauthorized actions on the file...
Critical | Unreviewed | CVE-2025-14988 was published Jan 27, 2026
The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded...
Critical | Unreviewed | CVE-2025-69426 was published Jan 9, 2026
Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation...
Critical | Unreviewed | CVE-2025-12004 was published Oct 21, 2025
Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This...
Critical | Unreviewed | CVE-2025-10643 was published Sep 17, 2025
A vulnerability has been identified in SIMATIC Virtualization as a Service (SIVaaS) (All versions...
Critical | Unreviewed | CVE-2025-40804 was published Sep 9, 2025
The configuration file containing database logins and passwords is readable by any local user.
Critical | Unreviewed | CVE-2025-30063 was published Aug 27, 2025
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior...
Critical | Unreviewed | CVE-2025-4609 was published Aug 22, 2025
Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start...
Critical | Unreviewed | CVE-2025-8042 was published Aug 19, 2025
LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows...
Critical | Unreviewed | CVE-2025-46093 was published Aug 5, 2025
Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view...
Critical | Unreviewed | CVE-2025-45150 was published Aug 1, 2025
Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a...
Critical | Unreviewed | CVE-2014-125121 was published Jul 31, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Critical | Unreviewed | CVE-2025-43243 was published Jul 30, 2025
An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues...
Critical | Unreviewed | CVE-2025-26469 was published Jul 28, 2025
The Marathon UI in DC/OS < 1.9.0 allows unauthenticated users to deploy arbitrary Docker...
Critical | Unreviewed | CVE-2017-20198 was published Jul 23, 2025
The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions,...
Critical | Unreviewed | CVE-2025-25373 was published Mar 25, 2025
DaVinci Resolve on MacOS was found to be installed with incorrect file permissions (rwxrwxrwx)....
Critical | Unreviewed | CVE-2025-1413 was published Feb 28, 2025
Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary...
Critical | Unreviewed | CVE-2024-57520 was published Feb 6, 2025
Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions.
Critical | Unreviewed | CVE-2024-55959 was published Jan 21, 2025
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an...
Critical | Unreviewed | CVE-2024-38337 was published Jan 19, 2025
Under certain conditions SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication...
Critical | Unreviewed | CVE-2025-0066 was published Jan 14, 2025
The com.glitter.caller.screen (aka iCaller, Caller Theme & Dialer) application through 1.1 for...
Critical | Unreviewed | CVE-2024-53931 was published Jan 7, 2025
The com.remi.colorphone.callscreen.calltheme.callerscreen (aka Color Phone: Call Screen Theme)...
Critical | Unreviewed | CVE-2024-53932 was published Jan 7, 2025
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v...
Critical | Unreviewed | CVE-2024-41647 was published Dec 7, 2024
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead...
Critical | Unreviewed | CVE-2024-10018 was published Oct 16, 2024