GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,720
Composer 4,851
Erlang 36
GitHub Actions 35
Go 2,481
Maven 5,901
npm 4,102
NuGet 734
pip 3,914
Pub 12
RubyGems 945
Rust 1,017
Swift 39

Unreviewed advisories

All unreviewed 267,797

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

424 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local... Moderate Unreviewed

CVE-2025-9190 was published Aug 26, 2025

The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local... Moderate Unreviewed

CVE-2025-53811 was published Aug 26, 2025

The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local... Moderate Unreviewed

CVE-2025-53813 was published Aug 26, 2025

MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and... Moderate Unreviewed

CVE-2025-8672 was published Aug 11, 2025

Incorrect default permissions for some AI Playground software before version v2.3.0 alpha may... Moderate Unreviewed

CVE-2025-27559 was published Aug 12, 2025

Incorrect default permissions for some Intel(R) oneAPI DPC++/C++ Compiler software installers may... Moderate Unreviewed

CVE-2025-20087 was published Aug 12, 2025

Incorrect default permissions for some Intel(R) Distribution for Python software installers... Moderate Unreviewed

CVE-2025-26470 was published Aug 12, 2025

Incorrect default permissions for some Intel(R) Graphics Driver software installers may allow an... Moderate Unreviewed

CVE-2025-20023 was published Aug 12, 2025

Incorrect default permissions vulnerability in firewall functionality in Synology Router Manager ... Moderate Unreviewed

CVE-2024-39347 was published Aug 7, 2025

4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions. Moderate Unreviewed

CVE-2024-55398 was published Aug 6, 2025

CVE-2025-49084 is a vulnerability in the management console of Absolute Secure Access prior to... Moderate Unreviewed

CVE-2025-49084 was published Jul 31, 2025

CVE-2025-54085 is a vulnerability in the management console of Absolute Secure Access prior to... Moderate Unreviewed

CVE-2025-54085 was published Jul 31, 2025

CVE-2025-49082 is a vulnerability in the management console of Absolute Secure Access prior to... Moderate Unreviewed

CVE-2025-49082 was published Jul 31, 2025

CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged... Moderate Unreviewed

CVE-2025-41658 was published Aug 4, 2025

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to... Moderate Unreviewed

CVE-2024-46544 was published Sep 23, 2024

An low privileged remote attacker can enforce the watchdog of the affected devices to reboot the... Moderate Unreviewed

CVE-2025-41665 was published Jul 8, 2025

The Anonymous Restricted Content plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed

CVE-2024-11089 was published Jul 7, 2025

A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local... Moderate Unreviewed

CVE-2025-39201 was published Jun 24, 2025

Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio... Moderate Unreviewed

CVE-2022-4964 was published Jan 24, 2024

The Phoenix Code's configuration on macOS, specifically the presence of entitlements: "com.apple... Moderate Unreviewed

CVE-2025-5255 was published Jun 20, 2025

The Postbox's configuration on macOS, specifically the presence of entitlements: "com.apple... Moderate Unreviewed

CVE-2025-5963 was published Jun 20, 2025

Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y... Moderate Unreviewed

CVE-2024-23301 was published Jan 13, 2024

Local privilege escalation due to insecure file permissions. The following products are affected:... Moderate Unreviewed

CVE-2025-48959 was published Jun 4, 2025

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in... Moderate Unreviewed

CVE-2025-31261 was published May 30, 2025

In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials... Moderate Unreviewed

CVE-2023-40076 was published Dec 5, 2023

Previous1…17 Next

Previous 1 2 3 4 5 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

424 advisories