Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,831 advisories

Loading
A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. ... High Unreviewed
CVE-2025-5687 was published Jun 11, 2025
The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Privilege... High Unreviewed
CVE-2025-4315 was published Jun 11, 2025
The CloudStack Quota plugin has an improper privilege management logic in version 4.20.0.0.... Low Unreviewed
CVE-2025-22829 was published Jun 11, 2025
Improper privilege management in Windows Remote Access Connection Manager allows an authorized... High Unreviewed
CVE-2025-47955 was published Jun 10, 2025
Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate... High Unreviewed
CVE-2025-33067 was published Jun 10, 2025
An Improper Privilege Management vulnerability [CWE-269] affecting Fortinet FortiOS version 7.6.0... Moderate Unreviewed
CVE-2025-22254 was published Jun 10, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.1),... Moderate Unreviewed
CVE-2024-41797 was published Jun 10, 2025
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... High Unreviewed
CVE-2025-4681 was published Jun 10, 2025
The "RH - Real Estate WordPress Theme" theme for WordPress is vulnerable to Privilege Escalation... High Unreviewed
CVE-2025-4601 was published Jun 10, 2025
systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x... High Unreviewed
CVE-2020-13776 was published May 24, 2022
Windows Win32k Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-34699 was published Aug 10, 2022
Azure Batch Node Agent Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-33646 was published Aug 10, 2022
Active Directory Domain Services Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-34691 was published Aug 10, 2022
System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege... High Unreviewed
CVE-2022-33640 was published Aug 10, 2022
A local privilege escalation in the razer_elevation_service.exe in Razer Synapse 4 through 4.0.86... High Unreviewed
CVE-2025-27811 was published Jun 4, 2025
Apache Linkis vulnerable to privilege escalation High
CVE-2024-27181 was published for org.apache.linkis:linkis (Maven) Aug 2, 2024
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-34706 was published Aug 10, 2022
Windows Partition Management Driver Elevation of Privilege Vulnerability. This CVE ID is unique... High Unreviewed
CVE-2022-34703 was published Aug 10, 2022
The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not... Moderate Unreviewed
CVE-2020-36603 was published Sep 15, 2022
Users with `create` but not `override` privileges can perform local sync Moderate
CVE-2023-50726 was published for github.com/argoproj/argo-cd (Go) Mar 15, 2024
crenshaw-dev
Credited to crenshaw-dev
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and... High Unreviewed
CVE-2024-21888 was published Jan 31, 2024
The location module has a vulnerability of bypassing permission verification.Successful... Critical Unreviewed
CVE-2022-39007 was published Sep 17, 2022
Permission management vulnerability in the multi-screen interaction module. Successful... High Unreviewed
CVE-2023-52116 was published Jan 16, 2024
The SolarWinds Dameware Mini Remote Control was determined to be affected by Incorrect... High Unreviewed
CVE-2025-26396 was published Jun 2, 2025
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a... High Unreviewed
CVE-2025-0358 was published Jun 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database