Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,419
Maven
5,000+
npm
4,055
NuGet
723
pip
3,847
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,732 advisories

Loading
An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a... Low Unreviewed
CVE-2025-31286 was published Apr 2, 2025
A broken access control vulnerability previously discovered in the Trend Vision One User Account... Low Unreviewed
CVE-2025-31282 was published Apr 2, 2025
A broken access control vulnerability previously discovered in the Trend Vision One Status... Low Unreviewed
CVE-2025-31284 was published Apr 2, 2025
A broken access control vulnerability previously discovered in the Trend Vision One User Roles... Low Unreviewed
CVE-2025-31283 was published Apr 2, 2025
An issue in BambooHR Build v.25.0210.170831-83b08dd allows a remote attacker to escalate... High Unreviewed
CVE-2025-29033 was published Apr 1, 2025
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor... High Unreviewed
CVE-2025-22231 was published Apr 1, 2025
The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to authentication... Critical Unreviewed
CVE-2025-2237 was published Apr 1, 2025
Local privilege escalation through insecure DCOM configuration in Valmet DNA versions prior to... High Unreviewed
CVE-2025-0416 was published Apr 1, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... High Unreviewed
CVE-2025-24254 was published Apr 1, 2025
An issue in Adtran 411 ONT vL80.00.0011.M2 allows attackers to escalate privileges via... Critical Unreviewed
CVE-2025-22937 was published Mar 31, 2025
Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to... Moderate Unreviewed
CVE-2025-2713 was published Mar 28, 2025
Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with... High Unreviewed
CVE-2025-2858 was published Mar 28, 2025
A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could... High Unreviewed
CVE-2024-58104 was published Mar 25, 2025
accountsservice no longer drops permissions when writting .pam_environment Moderate Unreviewed
CVE-2022-1804 was published Mar 25, 2025
Insecure permissions in kubeslice v1.3.1 allow attackers to gain access to the service account's... High Unreviewed
CVE-2024-53350 was published Mar 21, 2025
Insecure permissions in kuadrant v0.11.3 allow attackers to gain access to the service account's... High Unreviewed
CVE-2024-53349 was published Mar 21, 2025
In version v0.0.14 of transformeroptimus/superagi, there is an improper privilege management... Moderate Unreviewed
CVE-2024-9431 was published Mar 20, 2025
Open WebUI Allows Admin Deletion via API Endpoint High
CVE-2024-7039 was published for open-webui (pip) Mar 20, 2025
In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with... Moderate Unreviewed
CVE-2024-10273 was published Mar 20, 2025
XWiki uses the wrong wiki reference in AuthorizationManager High
CVE-2025-29924 was published for org.xwiki.platform:xwiki-platform-security-authorization-api (Maven) Mar 19, 2025
Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress... Moderate Unreviewed
CVE-2025-2324 was published Mar 19, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an... Moderate Unreviewed
CVE-2024-48828 was published Mar 17, 2025
An issue in Open Panel v.0.3.4 allows a remote attacker to escalate privileges via the Fix... Moderate Unreviewed
CVE-2025-25872 was published Mar 14, 2025
The Realteo - Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is... Critical Unreviewed
CVE-2025-2232 was published Mar 14, 2025
The Industrial theme for WordPress is vulnerable to unauthorized modification of data that can... High Unreviewed
CVE-2024-13376 was published Mar 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database