GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,434
Composer 4,826
Erlang 36
GitHub Actions 32
Go 2,426
Maven 5,833
npm 4,058
NuGet 723
pip 3,848
Pub 12
RubyGems 934
Rust 1,006
Swift 38

Unreviewed advisories

All unreviewed 265,093

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,185 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Incorrect default permissions vulnerability in firewall functionality in Synology Router Manager ... Moderate Unreviewed

CVE-2024-39347 was published Aug 7, 2025

4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions. Moderate Unreviewed

CVE-2024-55398 was published Aug 6, 2025

CVE-2025-49084 is a vulnerability in the management console of Absolute Secure Access prior to... Moderate Unreviewed

CVE-2025-49084 was published Jul 31, 2025

CVE-2025-54085 is a vulnerability in the management console of Absolute Secure Access prior to... Moderate Unreviewed

CVE-2025-54085 was published Jul 31, 2025

CVE-2025-49082 is a vulnerability in the management console of Absolute Secure Access prior to... Moderate Unreviewed

CVE-2025-49082 was published Jul 31, 2025

Insecure permissions in the script /etc/init.d/lighttpd in AK-Nord USB-Server-LXL Firmware v0.0... High Unreviewed

CVE-2025-52361 was published Aug 1, 2025

Certain Draytek products are affected by Insecure Permissions. This affects AP903 v1.4.18 and... High Unreviewed

CVE-2025-44643 was published Aug 4, 2025

CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged... Moderate Unreviewed

CVE-2025-41658 was published Aug 4, 2025

In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory... High Unreviewed

CVE-2025-54530 was published Jul 28, 2025

Unitree Go1 <= Go1_2022_05_11 is vulnerable to Insecure Permissions as the firmware update... High Unreviewed

CVE-2025-45467 was published Jul 25, 2025

During the AWS Client VPN client installation on Windows devices, the install process references... High Unreviewed

CVE-2025-8069 was published Jul 23, 2025

The `username:password` part was not correctly stripped from URLs in CSP reports potentially... Critical Unreviewed

CVE-2025-8031 was published Jul 22, 2025

A vulnerability related to registry permissions in the Intercept X for Windows updater prior to... High Unreviewed

CVE-2024-13972 was published Jul 17, 2025

An incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that... High Unreviewed

CVE-2025-0886 was published Jul 17, 2025

A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. When the... High Unreviewed

CVE-2025-3617 was published Apr 15, 2025

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to... Moderate Unreviewed

CVE-2024-46544 was published Sep 23, 2024

An low privileged remote attacker can enforce the watchdog of the affected devices to reboot the... Moderate Unreviewed

CVE-2025-41665 was published Jul 8, 2025

The Anonymous Restricted Content plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed

CVE-2024-11089 was published Jul 7, 2025

A security bypass vulnerability exists in Google Chrome AppBound cookie encryption mechanism due... Critical Unreviewed

CVE-2025-34090 was published Jul 2, 2025

Several services in Honor Device Co., Ltd Honor PC Manager v16.0.0.118 was discovered to connect... High Unreviewed

CVE-2025-46014 was published Jun 30, 2025

pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user... Critical Unreviewed

CVE-2014-7210 was published Jun 26, 2025

The Nix, Lix, and Guix package managers default to using temporary build directories in a world... Low Unreviewed

CVE-2025-52991 was published Jun 27, 2025

A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local... Moderate Unreviewed

CVE-2025-39201 was published Jun 24, 2025

Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio... Moderate Unreviewed

CVE-2022-4964 was published Jan 24, 2024

The Phoenix Code's configuration on macOS, specifically the presence of entitlements: "com.apple... Moderate Unreviewed

CVE-2025-5255 was published Jun 20, 2025

Previous 1 2 3 4 5 … 47 48 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,185 advisories