GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,513

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,553 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are... Moderate Unreviewed

CVE-2025-27847 was published Aug 14, 2025

Improper neutralization of special elements used in an sql command ('sql injection') in SQL... High Unreviewed

CVE-2025-49758 was published Aug 12, 2025

Privilege escalation occurs when a user gets access to more resources or functionality than they... Moderate Unreviewed

CVE-2025-8660 was published Aug 11, 2025

The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a... High Unreviewed

CVE-2025-26513 was published Aug 7, 2025

The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in... Critical Unreviewed

CVE-2025-6994 was published Aug 6, 2025

ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation... High Unreviewed

CVE-2013-10052 was published Aug 4, 2025

Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that... High Unreviewed

CVE-2012-10022 was published Aug 1, 2025

The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed

CVE-2025-5954 was published Aug 1, 2025

A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to... High Unreviewed

CVE-2025-52289 was published Jul 31, 2025

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6... High Unreviewed

CVE-2025-43248 was published Jul 30, 2025

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... High Unreviewed

CVE-2025-43256 was published Jul 30, 2025

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6,... High Unreviewed

CVE-2025-43249 was published Jul 30, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed

CVE-2025-43188 was published Jul 30, 2025

A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS... Critical Unreviewed

CVE-2025-43199 was published Jul 30, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed

CVE-2025-31243 was published Jul 30, 2025

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... Critical Unreviewed

CVE-2025-24119 was published Jul 30, 2025

A local privilege escalation vulnerability exists in Commvault for Windows versions 11.20.0, 11... High Unreviewed

CVE-2024-13975 was published Jul 25, 2025

An issue in ETSI Open-Source MANO (OSM) v.14.x, v.15.x allows a remote attacker to escalate... High Unreviewed

CVE-2024-48729 was published Jul 25, 2025

An issue in ETSI Open-Source MANO (OSM) v.14.x, v.15.x allows a remote attacker to escalate... Moderate Unreviewed

CVE-2024-48730 was published Jul 25, 2025

In OceanBase's Oracle tenant mode, a malicious user with specific privileges can achieve... Moderate Unreviewed

CVE-2025-8107 was published Jul 25, 2025

This Medium severity ACE (Arbitrary Code Execution) vulnerability was introduced in version 4.2.8... Moderate Unreviewed

CVE-2025-22165 was published Jul 25, 2025

A local privilege escalation vulnerability exists in lastore-daemon, the system package manager... High Unreviewed

CVE-2016-15045 was published Jul 23, 2025

The WPLMS theme for WordPress is vulnerable to Privilege Escalation in versions 1.5.2 to 1.8.4.1... High Unreviewed

CVE-2015-10139 was published Jul 19, 2025

Kaseya Rapid Fire Tools Network Detective 2.0.16.0 has Unencrypted Credentials (for privileged... Moderate Unreviewed

CVE-2025-32353 was published Jul 16, 2025

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... Moderate Unreviewed

CVE-2025-53025 was published Jul 15, 2025

Previous 1…4…143 Next

Previous 1 2 3 4 5 6 … 142 143 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,553 advisories