Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,262 advisories

Loading
The Altiris Core Agent Updater package (AeXNSC.exe) is prone to an elevation of privileges... High Unreviewed
CVE-2025-9059 was published Sep 11, 2025
The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to... High Unreviewed
CVE-2025-50892 was published Sep 10, 2025
Excessive Privileges vulnerability in Calix GigaCenter ONT (Broadcom SoC modules) allows... High Unreviewed
CVE-2025-53914 was published Sep 9, 2025
Excessive Privileges vulnerability in Calix GigaCenter ONT (Quantenna SoC modules) allows... High Unreviewed
CVE-2025-53913 was published Sep 9, 2025
K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, allows an admin-privileged... High Unreviewed
CVE-2025-52915 was published Sep 9, 2025
In AccessibilityServiceConnection.java, there is a possible background activity launch due to a... High Unreviewed
CVE-2025-26462 was published Sep 5, 2025
In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a... High Unreviewed
CVE-2025-26435 was published Sep 5, 2025
In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a... High Unreviewed
CVE-2025-32345 was published Sep 4, 2025
N/A High Unreviewed
CVE-2025-36901 was published Sep 4, 2025
Elevation of privilege High Unreviewed
CVE-2025-36891 was published Sep 4, 2025
Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the... High Unreviewed
CVE-2024-46916 was published Aug 29, 2025
D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script `mydlink-watch... High Unreviewed
CVE-2025-55582 was published Aug 27, 2025
A non-primary administrator user with admin rights to the web interface but without shell access... High Unreviewed
CVE-2025-36729 was published Aug 26, 2025
The Event List plugin for WordPress is vulnerable to privilege escalation in all versions up to,... High Unreviewed
CVE-2025-6366 was published Aug 26, 2025
The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via account takeover in... High Unreviewed
CVE-2025-5931 was published Aug 26, 2025
D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure... High Unreviewed
CVE-2025-55581 was published Aug 22, 2025
The StrongDM Windows service incorrectly handled communication related to system certificate... High Unreviewed
CVE-2025-6182 was published Aug 20, 2025
There is an improper privilege management vulnerability identified in ManageEngine's Asset... High Unreviewed
CVE-2025-8309 was published Aug 20, 2025
CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation... High Unreviewed
CVE-2025-8453 was published Aug 20, 2025
The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to... High Unreviewed
CVE-2025-8218 was published Aug 19, 2025
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2025-6080 was published Aug 16, 2025
Improper neutralization of special elements used in an sql command ('sql injection') in SQL... High Unreviewed
CVE-2025-49758 was published Aug 12, 2025
The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a... High Unreviewed
CVE-2025-26513 was published Aug 7, 2025
ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation... High Unreviewed
CVE-2013-10052 was published Aug 4, 2025
Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that... High Unreviewed
CVE-2012-10022 was published Aug 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database