GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
2,415 advisories

Excessive Privileges vulnerability in Calix GigaCenter ONT (Broadcom SoC modules) allows...
High | Unreviewed | CVE-2025-53914 was published Sep 9, 2025

Excessive Privileges vulnerability in Calix GigaCenter ONT (Quantenna SoC modules) allows...
High | Unreviewed | CVE-2025-53913 was published Sep 9, 2025

K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, allows an admin-privileged...
High | Unreviewed | CVE-2025-52915 was published Sep 9, 2025

Coder vulnerable to privilege escalation could lead to a cross workspace compromise
High | CVE-2025-58437 was published for github.com/coder/coder/v2 (Go) Sep 5, 2025

In AccessibilityServiceConnection.java, there is a possible background activity launch due to a...
High | Unreviewed | CVE-2025-26462 was published Sep 5, 2025

In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a...
High | Unreviewed | CVE-2025-26435 was published Sep 5, 2025

In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a...
High | Unreviewed | CVE-2025-32345 was published Sep 4, 2025

Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the...
High | Unreviewed | CVE-2024-46916 was published Aug 29, 2025

D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script `mydlink-watch...
High | Unreviewed | CVE-2025-55582 was published Aug 27, 2025

A non-primary administrator user with admin rights to the web interface but without shell access...
High | Unreviewed | CVE-2025-36729 was published Aug 26, 2025

The Event List plugin for WordPress is vulnerable to privilege escalation in all versions up to,...
High | Unreviewed | CVE-2025-6366 was published Aug 26, 2025

An issue was discovered in Mahara 23.04.8 and 24.04.4. Attackers may utilize escalation of...
High | Unreviewed | CVE-2024-47853 was published Aug 26, 2025

The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via account takeover in...
High | Unreviewed | CVE-2025-5931 was published Aug 26, 2025

Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation (Post-RCE)
High | CVE-2025-57760 was published for langflow (pip) Aug 25, 2025

D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure...
High | Unreviewed | CVE-2025-55581 was published Aug 22, 2025

The StrongDM Windows service incorrectly handled communication related to system certificate...
High | Unreviewed | CVE-2025-6182 was published Aug 20, 2025

There is an improper privilege management vulnerability identified in ManageEngine's Asset...
High | Unreviewed | CVE-2025-8309 was published Aug 20, 2025

CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation...
High | Unreviewed | CVE-2025-8453 was published Aug 20, 2025

The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to...
High | Unreviewed | CVE-2025-8218 was published Aug 19, 2025

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized...
High | Unreviewed | CVE-2025-6080 was published Aug 16, 2025

Improper neutralization of special elements used in an sql command ('sql injection') in SQL...
High | Unreviewed | CVE-2025-49758 was published Aug 12, 2025

OpenBao Root Namespace Operator May Elevate Token Privileges
High | CVE-2025-54996 was published for github.com/openbao/openbao (Go) Aug 8, 2025

The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a...
High | Unreviewed | CVE-2025-26513 was published Aug 7, 2025

ProTip! Advisories are also available from the GraphQL API