Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,715
Erlang
34
GitHub Actions
28
Go
2,302
Maven
5,000+
npm
3,946
NuGet
711
pip
3,716
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,305 advisories

Loading
Fess has Insecure Temporary File Permissions Low
CVE-2025-48382 was published for org.codelibs.fess:fess (Maven) May 27, 2025
simei2k
For a short time they PTY is set to mode 666, allowing any user on the system to connect to the... Moderate Unreviewed
CVE-2025-46802 was published May 26, 2025
A Privilege Escalation vulnerability has been found in ProactivaNet v3.24.0.0 from Grupo Espiral... High Unreviewed
CVE-2025-40672 was published May 26, 2025
Insecure permissions in autodeploy-layer v1.2.0 allows attackers to escalate privileges and... High Unreviewed
CVE-2025-45472 was published May 22, 2025
Insecure permissions in fc-stable-diffusion-plus v1.0.18 allows attackers to escalate privileges... High Unreviewed
CVE-2025-45468 was published May 22, 2025
Insecure permissions in measure-cold-start v1.4.1 allows attackers to escalate privileges and... High Unreviewed
CVE-2025-45471 was published May 22, 2025
Packages downloaded by Checkmk's automatic agent updates on Linux and Solaris have incorrect... Moderate Unreviewed
CVE-2025-32915 was published May 22, 2025
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework... High Unreviewed
CVE-2025-3944 was published May 22, 2025
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework... Moderate Unreviewed
CVE-2025-3936 was published May 22, 2025
GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-2759 was published May 22, 2025
The Versa Concerto SD-WAN orchestration platform is vulnerable to an privileges escalation and... High Unreviewed
CVE-2025-34025 was published May 22, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 2... Moderate Unreviewed
CVE-2025-31262 was published May 19, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions).... High Unreviewed
CVE-2025-40574 was published May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions).... Moderate Unreviewed
CVE-2025-40572 was published May 13, 2025
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions),... High Unreviewed
CVE-2025-24009 was published May 13, 2025
Under certain conditions, SAP Gateway Client allows a high-privileged user to access restricted... Moderate Unreviewed
CVE-2025-42997 was published May 13, 2025
IXON VPN Client before 1.4.4 on Windows allows Local Privilege Escalation to SYSTEM because there... High Unreviewed
CVE-2025-26169 was published May 7, 2025
IXON VPN Client before 1.4.4 on Linux and macOS allows Local Privilege Escalation to root because... High Unreviewed
CVE-2025-26168 was published May 7, 2025
NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager ... Moderate Unreviewed
CVE-2025-23245 was published May 1, 2025
Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder... High Unreviewed
CVE-2025-3394 was published Apr 30, 2025
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2025-30408 was published Apr 24, 2025
Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible... Moderate Unreviewed
CVE-2025-0926 was published Apr 23, 2025
An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H... High Unreviewed
CVE-2025-1731 was published Apr 22, 2025
Overview  The product specifies permissions for a security-critical resource in a way that... Moderate Unreviewed
CVE-2025-0758 was published Apr 17, 2025
Vulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Search... High Unreviewed
CVE-2025-30708 was published Apr 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database