GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,371
Composer 4,820
Erlang 36
GitHub Actions 32
Go 2,412
Maven 5,805
npm 4,050
NuGet 723
pip 3,844
Pub 12
RubyGems 933
Rust 1,004
Swift 38

Unreviewed advisories

All unreviewed 264,612

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,731 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

266 vulnerability in Crestron Automate VX allows Privilege Escalation.This issue affects Automate... High Unreviewed

CVE-2025-47420 was published May 7, 2025

The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-3438 was published May 2, 2025

An issue in Coresmartcontracts Uniswap v.3.0 and fixed in v.4.0 allows a remote attacker to... Critical Unreviewed

CVE-2025-25962 was published Apr 29, 2025

An attacker with control over a content process could potentially leverage the privileged UITour... High Unreviewed

CVE-2025-4085 was published Apr 29, 2025

org.xwiki.platform:xwiki-platform-security-requiredrights-default required rights analysis doesn't consider TextAreas with default content type Critical

CVE-2025-32974 was published for org.xwiki.platform:xwiki-platform-security-requiredrights-default (Maven) Apr 29, 2025

There is a Permission Management and Access Control vulnerability in the GoldenDB database... Moderate Unreviewed

CVE-2025-46576 was published Apr 27, 2025

The Vikinger theme for WordPress is vulnerable to privilege in all versions up to, and including,... High Unreviewed

CVE-2025-2238 was published Apr 25, 2025

The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all... High Unreviewed

CVE-2025-3101 was published Apr 24, 2025

The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege... High Unreviewed

CVE-2025-3761 was published Apr 24, 2025

An improper privilege management vulnerability in the recovery function of the USG FLEX H series... Moderate Unreviewed

CVE-2025-1732 was published Apr 22, 2025

The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up... Critical Unreviewed

CVE-2025-3278 was published Apr 19, 2025

An issue in WorldCast Systems ECRESO FM/DAB/TV Transmitter v1.10.1 allows authenticated attackers... High Unreviewed

CVE-2025-28237 was published Apr 18, 2025

Omnissa Horizon Client for Windows contains an LPE Vulnerability. A malicious actor with local... High Unreviewed

CVE-2025-25230 was published Apr 17, 2025

An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the... Critical Unreviewed

CVE-2025-28399 was published Apr 15, 2025

The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0... High Unreviewed

CVE-2025-3418 was published Apr 12, 2025

An app may be able to elevate privileges. This issue is fixed in macOS 14. This issue was... High Unreviewed

CVE-2023-41076 was published Apr 11, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and... Moderate Unreviewed

CVE-2023-38614 was published Apr 11, 2025

Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to... High Unreviewed

CVE-2025-29800 was published Apr 8, 2025

A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The... Moderate Unreviewed

CVE-2025-29999 was published Apr 8, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the postID... Moderate Unreviewed

CVE-2025-28400 was published Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the menuId parameter Moderate Unreviewed

CVE-2025-28401 was published Apr 7, 2025

The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to,... Critical Unreviewed

CVE-2025-2798 was published Apr 4, 2025

The Vehica Core plugin for WordPress, used by the Vehica - Car Dealer & Listing WordPress Theme,... High Unreviewed

CVE-2025-3105 was published Apr 4, 2025

A broken access control vulnerability previously discovered in the Trend Vision One Role Name... Low Unreviewed

CVE-2025-31285 was published Apr 2, 2025

An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a... Low Unreviewed

CVE-2025-31286 was published Apr 2, 2025

Previous 1 2 3 4 5 6 7 … 149 150 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,731 advisories