GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 29,215
Composer 5,632
Erlang 49
GitHub Actions 49
Go 3,549
Maven 6,424
npm 5,851
NuGet 917
pip 4,798
Pub 13
RubyGems 1,038
Rust 1,237
Swift 53

Unreviewed advisories

All unreviewed 298,239

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,320 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows... High Unreviewed

CVE-2026-22676 was published Apr 15, 2026

Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1... Moderate Unreviewed

CVE-2026-21011 was published Apr 13, 2026

The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have... Moderate Unreviewed

CVE-2026-4482 was published Apr 10, 2026

AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to... High Unreviewed

CVE-2025-14979 was published Jan 6, 2026

The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2023-6506 was published Jan 11, 2024

The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed

CVE-2023-6883 was published Jan 11, 2024

Dell PowerProtect Agent Service, version(s) prior to 20.1, contain(s) an Incorrect Permission... Low Unreviewed

CVE-2026-28264 was published Apr 8, 2026

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker... High Unreviewed

CVE-2021-38289 was published Jul 13, 2022

A privacy issue was addressed with improved handling of files. This issue is fixed in macOS... Moderate Unreviewed

CVE-2024-23223 was published Jan 23, 2024

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed

CVE-2024-27883 was published Jul 30, 2024

Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed

CVE-2026-33271 was published Apr 2, 2026

A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for... Moderate Unreviewed

CVE-2025-12801 was published Mar 4, 2026

When a certificate and its private key are installed in the Windows machine certificate store... Low Unreviewed

CVE-2026-4761 was published Mar 25, 2026

A flaw in Node.js Permission Model filesystem enforcement leaves `fs.realpathSync.native()`... Low Unreviewed

CVE-2026-21715 was published Mar 30, 2026

Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment for Critical... High Unreviewed

CVE-2026-22768 was published Apr 1, 2026

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate... High Unreviewed

CVE-2026-34352 was published Mar 27, 2026

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as... High Unreviewed

CVE-2009-0115 was published May 2, 2022

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... Moderate Unreviewed

CVE-2026-20693 was published Mar 25, 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed

CVE-2026-28829 was published Mar 25, 2026

A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform... Critical Unreviewed

CVE-2024-21915 was published Feb 16, 2024

Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for... Low Unreviewed

CVE-2005-4868 was published May 1, 2022

TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions ... Moderate Unreviewed

CVE-2009-3482 was published May 2, 2022

nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which... Moderate Unreviewed

CVE-2009-1073 was published May 2, 2022

IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7... Moderate Unreviewed

CVE-2007-5544 was published May 1, 2022

Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure ... High Unreviewed

CVE-2026-24291 was published Mar 10, 2026

Previous1…53 Next

Previous 1 2 3 4 5 … 52 53 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,320 advisories