GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,536
Composer 4,969
Erlang 39
GitHub Actions 38
Go 2,624
Maven 6,101
npm 4,257
NuGet 760
pip 4,050
Pub 12
RubyGems 953
Rust 1,052
Swift 45

Unreviewed advisories

All unreviewed 276,091

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,820 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized... High Unreviewed

CVE-2025-6080 was published Aug 16, 2025

In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain... Moderate Unreviewed

CVE-2025-27846 was published Aug 14, 2025

In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are... Moderate Unreviewed

CVE-2025-27847 was published Aug 14, 2025

Improper neutralization of special elements used in an sql command ('sql injection') in SQL... High Unreviewed

CVE-2025-49758 was published Aug 12, 2025

Privilege escalation occurs when a user gets access to more resources or functionality than they... Moderate Unreviewed

CVE-2025-8660 was published Aug 11, 2025

OpenBao Root Namespace Operator May Elevate Token Privileges High

CVE-2025-54996 was published for github.com/openbao/openbao (Go) Aug 8, 2025

The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a... High Unreviewed

CVE-2025-26513 was published Aug 7, 2025

The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in... Critical Unreviewed

CVE-2025-6994 was published Aug 6, 2025

ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation... High Unreviewed

CVE-2013-10052 was published Aug 4, 2025

Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that... High Unreviewed

CVE-2012-10022 was published Aug 1, 2025

The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed

CVE-2025-5954 was published Aug 1, 2025

A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to... High Unreviewed

CVE-2025-52289 was published Jul 31, 2025

Keycloak Privilege Escalation Vulnerability in Admin Console (FGAPv2 Enabled) Moderate

CVE-2025-7784 was published for org.keycloak:keycloak-services (Maven) Jul 30, 2025

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6... High Unreviewed

CVE-2025-43248 was published Jul 30, 2025

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... High Unreviewed

CVE-2025-43256 was published Jul 30, 2025

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6,... High Unreviewed

CVE-2025-43249 was published Jul 30, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed

CVE-2025-43188 was published Jul 30, 2025

A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS... Critical Unreviewed

CVE-2025-43199 was published Jul 30, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed

CVE-2025-31243 was published Jul 30, 2025

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... Critical Unreviewed

CVE-2025-24119 was published Jul 30, 2025

A local privilege escalation vulnerability exists in Commvault for Windows versions 11.20.0, 11... High Unreviewed

CVE-2024-13975 was published Jul 25, 2025

An issue in ETSI Open-Source MANO (OSM) v.14.x, v.15.x allows a remote attacker to escalate... Moderate Unreviewed

CVE-2024-48730 was published Jul 25, 2025

An issue in ETSI Open-Source MANO (OSM) v.14.x, v.15.x allows a remote attacker to escalate... High Unreviewed

CVE-2024-48729 was published Jul 25, 2025

In OceanBase's Oracle tenant mode, a malicious user with specific privileges can achieve... Moderate Unreviewed

CVE-2025-8107 was published Jul 25, 2025

This Medium severity ACE (Arbitrary Code Execution) vulnerability was introduced in version 4.2.8... Moderate Unreviewed

CVE-2025-22165 was published Jul 25, 2025

Previous 1…4…153 Next

Previous 1 2 3 4 5 6 … 152 153 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,820 advisories