GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,773 advisories
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6,...
High (Unreviewed): CVE-2025-43249 was published Jul 30, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia...
High (Unreviewed): CVE-2025-43256 was published Jul 30, 2025
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6...
High (Unreviewed): CVE-2025-43248 was published Jul 30, 2025
Keycloak Privilege Escalation Vulnerability in Admin Console (FGAPv2 Enabled)
Moderate: CVE-2025-7784 was published for org.keycloak:keycloak-services (Maven) Jul 30, 2025
A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to...
High (Unreviewed): CVE-2025-52289 was published Jul 31, 2025
The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via...
Critical (Unreviewed): CVE-2025-5954 was published Aug 1, 2025
Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that...
High (Unreviewed): CVE-2012-10022 was published Aug 1, 2025
ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation...
High (Unreviewed): CVE-2013-10052 was published Aug 4, 2025
The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in...
Critical (Unreviewed): CVE-2025-6994 was published Aug 6, 2025
The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a...
High (Unreviewed): CVE-2025-26513 was published Aug 7, 2025
OpenBao Root Namespace Operator May Elevate Token Privileges
High: CVE-2025-54996 was published for github.com/openbao/openbao (Go) Aug 8, 2025
Privilege escalation occurs when a user gets access to more resources or functionality than they...
Moderate (Unreviewed): CVE-2025-8660 was published Aug 11, 2025
Improper neutralization of special elements used in an sql command ('sql injection') in SQL...
High (Unreviewed): CVE-2025-49758 was published Aug 12, 2025
In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain...
Moderate (Unreviewed): CVE-2025-27846 was published Aug 14, 2025
In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are...
Moderate (Unreviewed): CVE-2025-27847 was published Aug 14, 2025
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized...
High (Unreviewed): CVE-2025-6080 was published Aug 16, 2025
The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to...
High (Unreviewed): CVE-2025-8218 was published Aug 19, 2025
The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to...
Critical (Unreviewed): CVE-2025-6758 was published Aug 19, 2025
CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation...
High (Unreviewed): CVE-2025-8453 was published Aug 20, 2025
The StrongDM Windows service incorrectly handled communication related to system certificate...
High (Unreviewed): CVE-2025-6182 was published Aug 20, 2025
There is an improper privilege management vulnerability identified in ManageEngine's Asset...
High (Unreviewed): CVE-2025-8309 was published Aug 20, 2025
Insufficient privilege verification in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime ...
Moderate (Unreviewed): CVE-2025-55627 was published Aug 22, 2025
D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure...
High (Unreviewed): CVE-2025-55581 was published Aug 22, 2025
Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation (Post-RCE)
High: CVE-2025-57760 was published for langflow (pip) Aug 25, 2025
The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via account takeover in...
High (Unreviewed): CVE-2025-5931 was published Aug 26, 2025