Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,675
Maven
5,000+
npm
4,297
NuGet
760
pip
4,077
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

672 advisories

Loading
A local privilege escalation vulnerability exists in the restore mechanism of ASUS System... High Unreviewed
CVE-2025-59373 was published Nov 25, 2025
Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due... High Unreviewed
CVE-2025-34323 was published Nov 17, 2025
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The... High Unreviewed
CVE-2024-32010 was published Nov 11, 2025
KubeVirt Vulnerable to Arbitrary Host File Read and Write High
CVE-2025-64324 was published for kubevirt.io/kubevirt (Go) Nov 7, 2025
mihailkirov Faeris95
jean-edouard
Credited to mihailkirov, Faeris95, and jean-edouard
Nagios XI versions prior to 2024R2 contain an improperly owned script, process_perfdata.pl, which... High Unreviewed
CVE-2025-34287 was published Oct 31, 2025
On affected platforms, restricted users could use SSH port forwarding to access host-internal... High Unreviewed
CVE-2025-54546 was published Oct 30, 2025
On affected platforms, a restricted user could break out of the CLI sandbox to the system shell... High Unreviewed
CVE-2025-54545 was published Oct 30, 2025
An Incorrect Permission Assignment for Critical Resource vulnerability [CWE-732] in... High Unreviewed
CVE-2025-57741 was published Oct 14, 2025
MacForge contains an insecure XPC service that allows local, unprivileged users to escalate their... High Unreviewed
CVE-2025-10751 was published Oct 4, 2025
iMonitor EAM 9.6394 installs a system service (eamusbsrv64.exe) that runs with NT AUTHORITY... High Unreviewed
CVE-2025-10541 was published Sep 25, 2025
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23... High Unreviewed
CVE-2025-52873 was published Sep 19, 2025
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23... High Unreviewed
CVE-2025-54497 was published Sep 19, 2025
BenimPOS Masaustu 3.0.x is affected by insecure file permissions. The application installation... High Unreviewed
CVE-2025-57392 was published Sep 10, 2025
A low-privileged remote attacker could gain unauthorized access to critical resources, such as... High Unreviewed
CVE-2025-41664 was published Sep 8, 2025
NVIDIA DOCA contains a vulnerability in the collectx-clxapidev Debian package that could allow an... High Unreviewed
CVE-2025-23257 was published Sep 5, 2025
NVIDIA DOCA contains a vulnerability in the collectx-dpeserver Debian package for arm64 that... High Unreviewed
CVE-2025-23258 was published Sep 5, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-43268 was published Aug 29, 2025
Local privilege escalation due to insecure folder permissions. The following products are... High Unreviewed
CVE-2025-9578 was published Aug 28, 2025
Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and... High Unreviewed
CVE-2025-53396 was published Aug 28, 2025
Dell ThinOS 10, versions prior to 2508_10.0127, contains an Incorrect Permission Assignment for... High Unreviewed
CVE-2025-43729 was published Aug 27, 2025
In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due... High Unreviewed
CVE-2025-0093 was published Aug 27, 2025
Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to... High Unreviewed
CVE-2025-52094 was published Aug 22, 2025
Insecure permissions in Agent-Zero v0.8.* allow attackers to arbitrarily reset the system via... High Unreviewed
CVE-2025-55524 was published Aug 21, 2025
Multiple Incorrect Permission Assignment for Critical Resource in UISP Application may allow a... High Unreviewed
CVE-2025-27216 was published Aug 21, 2025
GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file... High Unreviewed
CVE-2025-50675 was published Aug 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database