Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,265
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,831 advisories

Loading
An issue in Adtran 411 ONT vL80.00.0011.M2 allows attackers to escalate privileges via... Critical Unreviewed
CVE-2025-22937 was published Mar 31, 2025
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2025-6080 was published Aug 16, 2025
In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain... Moderate Unreviewed
CVE-2025-27846 was published Aug 14, 2025
In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are... Moderate Unreviewed
CVE-2025-27847 was published Aug 14, 2025
VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC (Role based... High Unreviewed
CVE-2021-21981 was published May 24, 2022
Improper neutralization of special elements used in an sql command ('sql injection') in SQL... High Unreviewed
CVE-2025-49758 was published Aug 12, 2025
OpenBao Root Namespace Operator May Elevate Token Privileges High
CVE-2025-54996 was published for github.com/openbao/openbao (Go) Aug 8, 2025
The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a... High Unreviewed
CVE-2025-26513 was published Aug 7, 2025
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix... High Unreviewed
CVE-2025-4879 was published Jun 17, 2025
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows... High Unreviewed
CVE-2025-6759 was published Jul 9, 2025
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix... High Unreviewed
CVE-2025-0320 was published Jun 17, 2025
The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in... Critical Unreviewed
CVE-2025-6994 was published Aug 6, 2025
ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation... High Unreviewed
CVE-2013-10052 was published Aug 4, 2025
Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that... High Unreviewed
CVE-2012-10022 was published Aug 1, 2025
The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed
CVE-2025-5954 was published Aug 1, 2025
Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File... Moderate Unreviewed
CVE-2025-0651 was published Jan 22, 2025
A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to... High Unreviewed
CVE-2025-52289 was published Jul 31, 2025
This Medium severity ACE (Arbitrary Code Execution) vulnerability was introduced in version 4.2.8... Moderate Unreviewed
CVE-2025-22165 was published Jul 25, 2025
Keycloak Privilege Escalation Vulnerability in Admin Console (FGAPv2 Enabled) Moderate
CVE-2025-7784 was published for org.keycloak:keycloak-services (Maven) Jul 30, 2025
Duplicate Advisory: Keycloak Privilege Escalation Vulnerability in Admin Console (FGAPv2 Enabled) Moderate
GHSA-83j7-mhw9-388w was published for org.keycloak:keycloak-services (Maven) Jul 18, 2025 withdrawn
Kaseya Rapid Fire Tools Network Detective 2.0.16.0 has Unencrypted Credentials (for privileged... Moderate Unreviewed
CVE-2025-32353 was published Jul 16, 2025
Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 allows remote authenticated... High Unreviewed
CVE-2014-9193 was published May 17, 2022
Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows. High Unreviewed
CVE-2024-12284 was published Feb 20, 2025
An issue in ETSI Open-Source MANO (OSM) v.14.x, v.15.x allows a remote attacker to escalate... Moderate Unreviewed
CVE-2024-48730 was published Jul 25, 2025
An issue in ETSI Open-Source MANO (OSM) v.14.x, v.15.x allows a remote attacker to escalate... High Unreviewed
CVE-2024-48729 was published Jul 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database