Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
50
GitHub Actions
50
Go
3,690
Maven
5,000+
npm
5,000+
NuGet
934
pip
4,928
Pub
13
RubyGems
1,053
Rust
1,322
Swift
53
Unreviewed advisories
All unreviewed
5,000+

311 advisories

Loading
uutils coreutils doesn't preserve file ownership during moves across different filesystem boundaries Moderate
CVE-2026-35351 was published for coreutils (Rust) Apr 22, 2026
uutils coreutils doesn't properly handle setuid and setgid bits when ownership preservation fails Moderate
CVE-2026-35350 was published for coreutils (Rust) Apr 22, 2026
uutils coreutils has an Improper Preservation of Permissions issue Low
CVE-2026-35361 was published for coreutils (Rust) Apr 22, 2026
In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome... High Unreviewed
CVE-2026-35385 was published Apr 2, 2026
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may... Low Unreviewed
CVE-2025-9615 was published Jan 26, 2026
A flaw was found in the 3scale developer portal. This issue can allow account creation or updates... Moderate Unreviewed
CVE-2024-12125 was published Nov 7, 2025
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary... High Unreviewed
CVE-2025-37735 was published Nov 6, 2025
Nagios Log Server versions prior to 2024R1.3.2 contain a privilege escalation vulnerability in... High Unreviewed
CVE-2025-34298 was published Oct 31, 2025
Rancher user retains access to clusters despite Global Role removal Moderate
CVE-2023-32199 was published for github.com/rancher/rancher (Go) Oct 24, 2025
In multiple functions of GrantPermissionsActivity.java , there is a possible way to trick the... Moderate Unreviewed
CVE-2025-26420 was published Sep 4, 2025
Duplicate Advisory: GHSA-x698-5hjm-w2m5 High
GHSA-2wcm-vx67-3x4q was published for pyload-ng (pip) Jul 8, 2025 withdrawn
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... High Unreviewed
CVE-2025-43701 was published Jun 10, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... Critical Unreviewed
CVE-2025-43698 was published Jun 10, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... Moderate Unreviewed
CVE-2025-43699 was published Jun 10, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... High Unreviewed
CVE-2025-43700 was published Jun 10, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (DataMapper) allows... High Unreviewed
CVE-2025-43697 was published Jun 10, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through... Low Unreviewed
CVE-2025-26693 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through... Low Unreviewed
CVE-2025-27563 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through... Moderate Unreviewed
CVE-2025-26691 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through... Moderate Unreviewed
CVE-2025-27247 was published Jun 8, 2025
SystemUI has an incorrect component protection setting, which allows access to specific information. Moderate Unreviewed
CVE-2024-46941 was published Jun 6, 2025
A potential security vulnerability has been identified in the HP Support Assistant for versions... High Unreviewed
CVE-2025-43026 was published Jun 5, 2025
CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute... High Unreviewed
CVE-2025-27703 was published May 28, 2025
An issue in modernwms v.1.0 allows an attacker view the MD5 hash of the administrator password... High Unreviewed
CVE-2024-57698 was published Apr 29, 2025
Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This... Low Unreviewed
CVE-2025-32696 was published Apr 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database