Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,417 advisories

Loading
OpenBao Root Namespace Operator May Elevate Token Privileges High
CVE-2025-54996 was published for github.com/openbao/openbao (Go) Aug 8, 2025
The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a... High Unreviewed
CVE-2025-26513 was published Aug 7, 2025
ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation... High Unreviewed
CVE-2013-10052 was published Aug 4, 2025
Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that... High Unreviewed
CVE-2012-10022 was published Aug 1, 2025
A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to... High Unreviewed
CVE-2025-52289 was published Jul 31, 2025
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6... High Unreviewed
CVE-2025-43248 was published Jul 30, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... High Unreviewed
CVE-2025-43256 was published Jul 30, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6,... High Unreviewed
CVE-2025-43249 was published Jul 30, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-43188 was published Jul 30, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-31243 was published Jul 30, 2025
A local privilege escalation vulnerability exists in Commvault for Windows versions 11.20.0, 11... High Unreviewed
CVE-2024-13975 was published Jul 25, 2025
An issue in ETSI Open-Source MANO (OSM) v.14.x, v.15.x allows a remote attacker to escalate... High Unreviewed
CVE-2024-48729 was published Jul 25, 2025
A local privilege escalation vulnerability exists in lastore-daemon, the system package manager... High Unreviewed
CVE-2016-15045 was published Jul 23, 2025
Authentik has insufficient check for account active status when authenticating with OAuth/SAML Sources High
CVE-2025-53942 was published for goauthentik.io (Go) Jul 22, 2025
pascalwei
Credited to pascalwei
The WPLMS theme for WordPress is vulnerable to Privilege Escalation in versions 1.5.2 to 1.8.4.1... High Unreviewed
CVE-2015-10139 was published Jul 19, 2025
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed
CVE-2025-53027 was published Jul 15, 2025
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed
CVE-2025-53024 was published Jul 15, 2025
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are... High Unreviewed
CVE-2025-50069 was published Jul 15, 2025
Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft ... High Unreviewed
CVE-2025-50062 was published Jul 15, 2025
CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation... High Unreviewed
CVE-2025-50124 was published Jul 11, 2025
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows... High Unreviewed
CVE-2025-6759 was published Jul 9, 2025
A low privileged local attacker can leverage insecure permissions via SSH on the affected devices... High Unreviewed
CVE-2025-24006 was published Jul 8, 2025
A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web... High Unreviewed
CVE-2025-34078 was published Jul 2, 2025
In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non... High Unreviewed
CVE-2025-36630 was published Jul 2, 2025
Janssen Config API returns results without scope verification High
CVE-2025-53003 was published for io.jans:jans-config-api-server (Maven) Jun 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database