GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,904
Erlang
38
GitHub Actions
38
Go
2,566
Maven
5,000+
npm
4,237
NuGet
753
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
1,371 advisories
Filter by severity
A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with...
Moderate
Unreviewed
CVE-2025-31702
was published
Oct 15, 2025
An Incorrect Permission Assignment for Critical Resource vulnerability [CWE-732] in...
High
Unreviewed
CVE-2025-57741
was published
Oct 14, 2025
Liferay has Incorrect Permission Assignment for Critical Resource
Moderate
CVE-2025-62251
was published
for
com.liferay:com.liferay.site.navigation.menu.item.asset.vocabulary
(Maven)
Oct 14, 2025
MacForge contains an insecure XPC service that allows local, unprivileged users to escalate their...
High
Unreviewed
CVE-2025-10751
was published
Oct 4, 2025
IBM Transformation Advisor 2.0.1 through 4.3.1 incorrectly assigns privileges to security...
Moderate
Unreviewed
CVE-2025-36193
was published
Sep 29, 2025
iMonitor EAM 9.6394 installs a system service (eamusbsrv64.exe) that runs with NT AUTHORITY...
High
Unreviewed
CVE-2025-10541
was published
Sep 25, 2025
Liferay Portal Commerce component has Incorrect Permission Assignment for Critical Resource
Moderate
CVE-2025-43808
was published
for
com.liferay.commerce:com.liferay.commerce.product.type.virtual.service
(Maven)
Sep 19, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and...
Moderate
Unreviewed
CVE-2025-34189
was published
Sep 19, 2025
Cognex In-Sight Explorer and In-Sight Camera Firmware expose
a telnet-based service on port 23...
High
Unreviewed
CVE-2025-52873
was published
Sep 19, 2025
Cognex In-Sight Explorer and In-Sight Camera Firmware expose
a telnet-based service
on port 23...
High
Unreviewed
CVE-2025-54497
was published
Sep 19, 2025
Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This...
Critical
Unreviewed
CVE-2025-10643
was published
Sep 17, 2025
Dragonfly's directories created via os.MkdirAll are not checked for permissions
Low
CVE-2025-59349
was published
for
d7y.io/dragonfly/v2
(Go)
Sep 17, 2025
IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged...
Low
Unreviewed
CVE-2025-0164
was published
Sep 14, 2025
BenimPOS Masaustu 3.0.x is affected by insecure file permissions. The application installation...
High
Unreviewed
CVE-2025-57392
was published
Sep 10, 2025
A vulnerability has been identified in SIMATIC Virtualization as a Service (SIVaaS) (All versions...
Critical
Unreviewed
CVE-2025-40804
was published
Sep 9, 2025
A low-privileged remote attacker could gain unauthorized access to critical resources, such as...
High
Unreviewed
CVE-2025-41664
was published
Sep 8, 2025
An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers....
Moderate
Unreviewed
CVE-2025-10059
was published
Sep 5, 2025
NVIDIA DOCA contains a vulnerability in the collectx-clxapidev Debian package that could allow an...
High
Unreviewed
CVE-2025-23257
was published
Sep 5, 2025
NVIDIA DOCA contains a vulnerability in the collectx-dpeserver Debian package for arm64 that...
High
Unreviewed
CVE-2025-23258
was published
Sep 5, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High
Unreviewed
CVE-2025-43268
was published
Aug 29, 2025
Local privilege escalation due to insecure folder permissions. The following products are...
High
Unreviewed
CVE-2025-9578
was published
Aug 28, 2025
Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and...
High
Unreviewed
CVE-2025-53396
was published
Aug 28, 2025
Dell ThinOS 10, versions prior to 2508_10.0127, contains an Incorrect Permission Assignment for...
High
Unreviewed
CVE-2025-43729
was published
Aug 27, 2025
The configuration file containing database logins and passwords is readable by any local user.
Critical
Unreviewed
CVE-2025-30063
was published
Aug 27, 2025
In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due...
High
Unreviewed
CVE-2025-0093
was published
Aug 27, 2025
ProTip!
Advisories are also available from the
GraphQL API