Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,479
Maven
5,000+
npm
5,000+
NuGet
886
pip
4,740
Pub
13
RubyGems
1,031
Rust
1,225
Swift
53
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

494 advisories

Loading
The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have... Moderate Unreviewed
CVE-2026-4482 was published Apr 10, 2026
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2026-33271 was published Apr 2, 2026
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2026-28829 was published Mar 25, 2026
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2026-20693 was published Mar 25, 2026
Buffalo TeraStation NAS TS5400R firmware version 4.02-0.06 and prior contain an excessive file... Moderate Unreviewed
CVE-2026-29516 was published Mar 16, 2026
An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control... Moderate Unreviewed
CVE-2025-15037 was published Mar 12, 2026
An unauthenticated remote attacker who tricks a user to upload a manipulated HTML file can get... Moderate Unreviewed
CVE-2025-41712 was published Mar 10, 2026
Sensitive information disclosure due to improper configuration of a headless browser. The... Moderate Unreviewed
CVE-2026-28725 was published Mar 6, 2026
Credentials are not deleted from Acronis Agent after plan revocation. The following products are... Moderate Unreviewed
CVE-2025-11790 was published Mar 6, 2026
Credentials are not deleted from Acronis Agent after plan revocation. The following products are... Moderate Unreviewed
CVE-2025-30413 was published Mar 6, 2026
A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for... Moderate Unreviewed
CVE-2025-12801 was published Mar 4, 2026
erase-install prior to v40.4 commit 2c31239 writes swiftDialog credential output to a hardcoded... Moderate Unreviewed
CVE-2025-70342 was published Mar 4, 2026
IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0... Moderate Unreviewed
CVE-2025-14604 was published Mar 3, 2026
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File... Moderate Unreviewed
CVE-2026-26100 was published Feb 20, 2026
Tanium addressed an insecure file permissions vulnerability in Enforce Recovery Key Portal. Moderate Unreviewed
CVE-2026-1344 was published Feb 18, 2026
Incorrect permission assignment for critical resource for some System Firmware Update Utility ... Moderate Unreviewed
CVE-2025-35999 was published Feb 10, 2026
Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in... Moderate Unreviewed
CVE-2025-14740 was published Feb 4, 2026
Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended... Moderate Unreviewed
CVE-2025-52627 was published Feb 3, 2026
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10,... Moderate Unreviewed
CVE-2026-22280 was published Jan 22, 2026
A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could... Moderate Unreviewed
CVE-2026-20092 was published Jan 21, 2026
An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon... Moderate Unreviewed
CVE-2025-59961 was published Jan 15, 2026
An issue was discovered in DriveLock 24.1 through 24.1.*, 24.2 before 24.2.8, and 25.1 before 25... Moderate Unreviewed
CVE-2025-67794 was published Dec 18, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43470 was published Dec 12, 2025
An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0... Moderate Unreviewed
CVE-2025-8148 was published Dec 5, 2025
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the... Moderate Unreviewed
CVE-2025-64996 was published Nov 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database