Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,354 advisories

Loading
Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows... High Unreviewed
CVE-2025-8432 was published Oct 27, 2025
An Insecure Permission vulnerability in pgcodekeeper 10.12.0 allows a local attacker to obtain... Moderate Unreviewed
CVE-2025-46185 was published Oct 24, 2025
Incorrect Default Permissions vulnerability in MongoDB BI Connector ODBC driver allows Privilege... High Unreviewed
CVE-2025-12100 was published Oct 23, 2025
A container privilege escalation flaw was found in certain Container-native Virtualization images... Moderate Unreviewed
CVE-2025-57848 was published Oct 23, 2025
NVIDIA Project G-Assist contains a vulnerability where an attacker might be able to escalate... High Unreviewed
CVE-2025-23347 was published Oct 23, 2025
Incorrect Default Permissions vulnerability in MongoDB Atlas SQL ODBC driver on Windows allows... High Unreviewed
CVE-2025-11575 was published Oct 23, 2025
A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems... Moderate Unreviewed
CVE-2025-58712 was published Oct 22, 2025
The seffaflik thru 0.0.9 is vulnerable to symlink attacks due to incorrect default permissions... High Unreviewed
CVE-2025-61035 was published Oct 22, 2025
Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - Thanks... Moderate Unreviewed
CVE-2025-62661 was published Oct 21, 2025
ETERNUS SF provided by Fsas Technologies Inc. contains an incorrect default permissions... High Unreviewed
CVE-2025-62577 was published Oct 20, 2025
Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki -... Moderate Unreviewed
CVE-2025-62668 was published Oct 18, 2025
Newforma Info Exchange (NIX) before version 2023.1 by default allows anonymous authentication... Moderate Unreviewed
CVE-2025-35062 was published Oct 9, 2025
MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install... High Unreviewed
CVE-2025-11535 was published Oct 9, 2025
CVE-2025-54086 is an excess permissions vulnerability in the Warehouse component of Absolute... Moderate Unreviewed
CVE-2025-54086 was published Oct 2, 2025
NVIDIA Installer for NvAPP for Windows contains a vulnerability in the FrameviewSDK installation... High Unreviewed
CVE-2025-23297 was published Oct 2, 2025
A container privilege escalation flaw was found in KServe ModelMesh container images. This issue... Moderate Unreviewed
CVE-2025-57852 was published Sep 30, 2025
Rapid7 Appspider Pro versions below 7.5.021, suffer from a broken access control vulnerability in... Low Unreviewed
CVE-2025-36857 was published Sep 25, 2025
A local attacker with low privileges on the Windows system where the software is installed can... Moderate Unreviewed
CVE-2025-53947 was published Sep 18, 2025
Dragonfly's directories created via os.MkdirAll are not checked for permissions Low
CVE-2025-59349 was published for d7y.io/dragonfly/v2 (Go) Sep 17, 2025
gaius-qi
Credited to gaius-qi
CYRISMA Sensor before 444 for Windows has an Insecure Folder and File Permissions vulnerability.... High Unreviewed
CVE-2025-57625 was published Sep 16, 2025
Certain files with overly permissive permissions were identified in the out-of-support Control-M... Moderate Unreviewed
CVE-2025-55111 was published Sep 16, 2025
Dell PowerProtect Data Manager, Generic Application Agent, version(s) 19.19 and 19.20, contain(s)... High Unreviewed
CVE-2025-43725 was published Sep 10, 2025
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Incorrect... High Unreviewed
CVE-2025-43887 was published Sep 10, 2025
An Incorrect File Handling Permission bug exists on the N-central Windows Agent and Probe that,... High Unreviewed
CVE-2025-10231 was published Sep 10, 2025
In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input... Moderate Unreviewed
CVE-2025-22425 was published Sep 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database