Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,726
Maven
5,000+
npm
4,331
NuGet
763
pip
4,107
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

530 advisories

Loading
A container privilege escalation flaw was found in certain CodeReady Workspaces images. This... Moderate Unreviewed
CVE-2025-57850 was published Dec 2, 2025
Incorrect default permissions issue exists in Security Point (Windows) of MaLion prior to Ver.5.3... Moderate Unreviewed
CVE-2025-59485 was published Nov 25, 2025
The installation directory of LogStare Collector is configured with incorrect access permissions.... Moderate Unreviewed
CVE-2025-58097 was published Nov 21, 2025
XWiki AdminTools application doesn't set permissions on the AdminTools space Moderate
CVE-2025-54990 was published for com.xwiki.admintools:application-admintools (Maven) Nov 18, 2025
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly... Moderate Unreviewed
CVE-2025-13193 was published Nov 17, 2025
An improper default permission vulnerability was reported in Lenovo Dock Manager that, under... Moderate Unreviewed
CVE-2025-8421 was published Nov 12, 2025
Incorrect default permissions for some Intel(R) PresentMon before version 2.3.1 within Ring 3:... Moderate Unreviewed
CVE-2025-30518 was published Nov 11, 2025
Incorrect default permissions for some Intel(R) Thread Director Visualizer software before... Moderate Unreviewed
CVE-2025-31940 was published Nov 11, 2025
Incorrect default permissions for some Intel(R) One Boot Flash Update (Intel(R) OFU) software... Moderate Unreviewed
CVE-2025-27711 was published Nov 11, 2025
Incorrect default permissions for the Intel(R) Processor Identification Utility before version 8... Moderate Unreviewed
CVE-2025-27246 was published Nov 11, 2025
KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes Moderate
CVE-2025-64436 was published for kubevirt.io/kubevirt (Go) Nov 6, 2025
mihailkirov Faeris95
xpivarc
Credited to mihailkirov, Faeris95, and xpivarc
A privacy issue was addressed by moving sensitive data. This issue is fixed in watchOS 26.1, iOS... Moderate Unreviewed
CVE-2025-43507 was published Nov 4, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26... Moderate Unreviewed
CVE-2025-43444 was published Nov 4, 2025
An Insecure Permission vulnerability in pgcodekeeper 10.12.0 allows a local attacker to obtain... Moderate Unreviewed
CVE-2025-46185 was published Oct 24, 2025
A container privilege escalation flaw was found in certain Container-native Virtualization images... Moderate Unreviewed
CVE-2025-57848 was published Oct 23, 2025
A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems... Moderate Unreviewed
CVE-2025-58712 was published Oct 22, 2025
Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - Thanks... Moderate Unreviewed
CVE-2025-62661 was published Oct 21, 2025
Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki -... Moderate Unreviewed
CVE-2025-62668 was published Oct 18, 2025
Newforma Info Exchange (NIX) before version 2023.1 by default allows anonymous authentication... Moderate Unreviewed
CVE-2025-35062 was published Oct 9, 2025
CVE-2025-54086 is an excess permissions vulnerability in the Warehouse component of Absolute... Moderate Unreviewed
CVE-2025-54086 was published Oct 2, 2025
A container privilege escalation flaw was found in KServe ModelMesh container images. This issue... Moderate Unreviewed
CVE-2025-57852 was published Sep 30, 2025
A local attacker with low privileges on the Windows system where the software is installed can... Moderate Unreviewed
CVE-2025-53947 was published Sep 18, 2025
Certain files with overly permissive permissions were identified in the out-of-support Control-M... Moderate Unreviewed
CVE-2025-55111 was published Sep 16, 2025
In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input... Moderate Unreviewed
CVE-2025-22425 was published Sep 4, 2025
The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local... Moderate Unreviewed
CVE-2025-9190 was published Aug 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database