Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

410 advisories

Loading
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y... Moderate Unreviewed
CVE-2024-23301 was published Jan 13, 2024
Local privilege escalation due to insecure file permissions. The following products are affected:... Moderate Unreviewed
CVE-2025-48959 was published Jun 4, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in... Moderate Unreviewed
CVE-2025-31261 was published May 30, 2025
In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials... Moderate Unreviewed
CVE-2023-40076 was published Dec 5, 2023
Use of entitlement "com.apple.security.cs.disable-library-validation" and lack of launch and... Moderate Unreviewed
CVE-2025-4081 was published May 29, 2025
In some cases, Kea log files or lease files may be world-readable. This issue affects Kea... Moderate Unreviewed
CVE-2025-32803 was published May 28, 2025
On macOS systems, by utilizing a Launch Agent and loading the viscosity_openvpn process from the... Moderate Unreviewed
CVE-2025-4412 was published May 27, 2025
The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622,... Moderate Unreviewed
CVE-2025-46803 was published May 26, 2025
Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of... Moderate Unreviewed
CVE-2024-13948 was published May 22, 2025
Incorrect default permissions in some Intel(R) Gaudi(R) software installers before version 1.18... Moderate Unreviewed
CVE-2024-45067 was published May 15, 2025
Incorrect Default Permissions for some Intel(R) RealSense™ SDK software before version 2.56.2 may... Moderate Unreviewed
CVE-2025-20095 was published May 13, 2025
Incorrect default permissions for some Endurance Gaming Mode software installers may allow an... Moderate Unreviewed
CVE-2024-47550 was published May 13, 2025
Incorrect default permissions for some Intel(R) Graphics Driver installers may allow an... Moderate Unreviewed
CVE-2024-28954 was published May 13, 2025
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers (running... Moderate Unreviewed
CVE-2022-36439 was published Oct 18, 2022
Permission control vulnerability in the contacts module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2025-46586 was published May 6, 2025
Permission control vulnerability in the media library module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-46587 was published May 6, 2025
Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may... Moderate Unreviewed
CVE-2021-33166 was published Feb 11, 2022
Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged... Moderate Unreviewed
CVE-2021-0093 was published Feb 11, 2022
In dismiss and related functions of KeyguardHostViewController.java and related files, there is a... Moderate Unreviewed
CVE-2022-20465 was published Nov 9, 2022
In buzzBeepBlinkLocked of NotificationManagerService.java, there is a possible way to share data... Moderate Unreviewed
CVE-2022-20448 was published Nov 9, 2022
There is a vulnerability in permission verification during the Bluetooth pairing process.... Moderate Unreviewed
CVE-2022-44548 was published Nov 10, 2022
In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission... Moderate Unreviewed
CVE-2022-20511 was published Dec 20, 2022
Incorrect default permissions issue exists in Unifier and Unifier Cast Version.5.0 or later, and... Moderate Unreviewed
CVE-2024-23847 was published May 31, 2024
The Simple Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-11088 was published Apr 5, 2025
The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory... Moderate Unreviewed
CVE-2025-2781 was published Mar 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database