Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,904
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,374
Swift
54
Unreviewed advisories
All unreviewed
5,000+

316 advisories

Loading
Improper preservation of permissions vulnerability in Archiving Push functionality in Synology... Low Unreviewed
CVE-2024-47270 was published May 27, 2026
NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a... High Unreviewed
CVE-2026-24194 was published May 26, 2026
in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak Moderate Unreviewed
CVE-2026-25850 was published May 19, 2026
The software fails to enforce role-based access controls for certain Gateway API invocations.... Moderate Unreviewed
CVE-2025-8325 was published May 11, 2026
Snipe-IT has Privilege Escalation via API Permissions Assignment High
CVE-2026-44832 was published for snipe/snipe-it (Composer) May 8, 2026
lorenzofradeani Credited to lorenzofradeani
uutils coreutils doesn't properly handle setuid and setgid bits when ownership preservation fails Moderate
CVE-2026-35350 was published for coreutils (Rust) Apr 22, 2026
uutils coreutils doesn't preserve file ownership during moves across different filesystem boundaries Moderate
CVE-2026-35351 was published for coreutils (Rust) Apr 22, 2026
uutils coreutils has an Improper Preservation of Permissions issue Low
CVE-2026-35361 was published for coreutils (Rust) Apr 22, 2026
In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome... High Unreviewed
CVE-2026-35385 was published Apr 2, 2026
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may... Low Unreviewed
CVE-2025-9615 was published Jan 26, 2026
A flaw was found in the 3scale developer portal. This issue can allow account creation or updates... Moderate Unreviewed
CVE-2024-12125 was published Nov 7, 2025
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary... High Unreviewed
CVE-2025-37735 was published Nov 6, 2025
Nagios Log Server versions prior to 2024R1.3.2 contain a privilege escalation vulnerability in... High Unreviewed
CVE-2025-34298 was published Oct 31, 2025
Rancher user retains access to clusters despite Global Role removal Moderate
CVE-2023-32199 was published for github.com/rancher/rancher (Go) Oct 24, 2025
In multiple functions of GrantPermissionsActivity.java , there is a possible way to trick the... Moderate Unreviewed
CVE-2025-26420 was published Sep 4, 2025
Duplicate Advisory: GHSA-x698-5hjm-w2m5 High
GHSA-2wcm-vx67-3x4q was published for pyload-ng (pip) Jul 8, 2025 withdrawn
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... Critical Unreviewed
CVE-2025-43698 was published Jun 10, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... High Unreviewed
CVE-2025-43701 was published Jun 10, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... High Unreviewed
CVE-2025-43700 was published Jun 10, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (DataMapper) allows... High Unreviewed
CVE-2025-43697 was published Jun 10, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... Moderate Unreviewed
CVE-2025-43699 was published Jun 10, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through... Moderate Unreviewed
CVE-2025-26691 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through... Moderate Unreviewed
CVE-2025-27247 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through... Low Unreviewed
CVE-2025-26693 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through... Low Unreviewed
CVE-2025-27563 was published Jun 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database