Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

68 advisories

Loading
view_component: Preview Route Can Dispatch Inherited Helper Methods Moderate
CVE-2026-44836 was published for view_component (RubyGems) May 8, 2026
cyberlanc3r Credited to cyberlanc3r
The VerySecureApp made by DIVD using Mendix Studio Pro 11.8.0 Beta allows unintended data... Critical Unreviewed
CVE-2026-7891 was published May 8, 2026
OpenClaw's ACP child sessions inherit subagent security envelope constraints Moderate
CVE-2026-44997 was published for openclaw (npm) May 4, 2026
zsxsoft Credited to zsxsoft, qclawer, and KeenSecurityLab qclawer qclawer
KeenSecurityLab KeenSecurityLab
Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.7 and before allows a local... High Unreviewed
CVE-2026-30266 was published Apr 20, 2026
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2026-20630 was published Feb 12, 2026
Insecure inherited permissions for some Intel(R) Graphics Software before version 25.30.1702.0... Moderate Unreviewed
CVE-2025-32092 was published Feb 10, 2026
Authenticated arbitrary file write vulnerability exists in the web-based management interface of... High Unreviewed
CVE-2025-37174 was published Jan 13, 2026
SpiceDB: LookupResources with Multiple Entrypoints across Different Definitions Can Return Incomplete Results Low
CVE-2025-65111 was published for github.com/authzed/spicedb (Go) Nov 21, 2025
Insecure inherited permissions for some Intel(R) Rapid Storage Technology Application before... Moderate Unreviewed
CVE-2025-24327 was published Nov 11, 2025
An insecure permission vulnerability exists in the Agasta Easytouch+ version 9.3.97 The device... Moderate Unreviewed
CVE-2025-56019 was published Oct 2, 2025
Coder vulnerable to privilege escalation could lead to a cross workspace compromise High
CVE-2025-58437 was published for github.com/coder/coder/v2 (Go) Sep 5, 2025
johnstcn Credited to johnstcn
Information Disclosure in Amazon ECS Container Agent Moderate
CVE-2025-9039 was published for github.com/aws/amazon-ecs-agent (Go) Aug 14, 2025
IBM Storage Scale 5.2.3.0 and 5.2.3.1 could allow an authenticated user to obtain sensitive... Moderate Unreviewed
CVE-2025-36104 was published Jul 12, 2025
IBM Security Guardium 12.1 could allow a local privileged user to escalate their privileges to... Moderate Unreviewed
CVE-2025-3473 was published Jun 11, 2025
django-helpdesk Allows Sensitive Data Exposure Moderate
CVE-2018-25111 was published for django-helpdesk (pip) May 31, 2025
Insecure inherited permissions for some Intel(R) Simics(R) Package Manager software before... Moderate Unreviewed
CVE-2025-22448 was published May 13, 2025
Insecure inherited permissions in the NVM Update Utility for some Intel(R) Ethernet Network... Moderate Unreviewed
CVE-2025-20629 was published May 13, 2025
Insecure inherited permissions for some Intel(R) Simics(R) Package Manager software before... Moderate Unreviewed
CVE-2025-20008 was published May 13, 2025
Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an... Moderate Unreviewed
CVE-2025-31332 was published Apr 8, 2025
Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insecure Inherited Permissions... Moderate Unreviewed
CVE-2025-29982 was published Apr 2, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS... Moderate Unreviewed
CVE-2023-28207 was published Mar 21, 2025
IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a... Moderate Unreviewed
CVE-2024-51448 was published Jan 18, 2025
Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow... Moderate Unreviewed
CVE-2024-36276 was published Nov 13, 2024
Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow... Moderate Unreviewed
CVE-2024-36294 was published Nov 13, 2024
Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may... High Unreviewed
CVE-2023-33870 was published Oct 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database