Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,419
Maven
5,000+
npm
4,055
NuGet
723
pip
3,847
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,732 advisories

Loading
Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows. High Unreviewed
CVE-2024-12284 was published Feb 20, 2025
Symantec Diagnostic Tool (SymDiag), prior to 3.0.79, may be susceptible to a Privilege Escalation... High Unreviewed
CVE-2025-0893 was published Feb 19, 2025
An issue in Orbe ONetView Roeador Onet-1200 Orbe 1680210096 allows a remote attacker to escalate... Moderate Unreviewed
CVE-2024-57778 was published Feb 14, 2025
CWE-269: Improper Privilege Management vulnerability exists for two services (of which one... High Unreviewed
CVE-2025-0327 was published Feb 13, 2025
Easy!Appointments Improper Restriction of Excessive Authentication Attempts Critical
CVE-2024-57602 was published for alextselegidis/easyappointments (Composer) Feb 13, 2025
An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the... High Unreviewed
CVE-2024-51440 was published Feb 13, 2025
MaysWind ezBookkeeping has Improper Privilege Management Critical
CVE-2024-57604 was published for github.com/mayswind/ezbookkeeping (Go) Feb 13, 2025
An issue in the BdApiUtil driver of Baidu Antivirus v5.2.3.116083 allows attackers to terminate... Low Unreviewed
CVE-2024-51324 was published Feb 12, 2025
A DLL hijacking vulnerability in the AMD Ryzen™ Master Utility could allow an attacker to... High Unreviewed
CVE-2024-21966 was published Feb 11, 2025
Ash Authentication has flawed token revocation checking logic in actions generated by `mix ash_authentication.install` Moderate
CVE-2025-25202 was published for ash_authentication (Erlang) Feb 11, 2025
wilburyang zachdaniel
jimsynz
The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up... Critical Unreviewed
CVE-2025-0180 was published Feb 11, 2025
An issue in trojan v.2.0.0 through v.2.15.3 allows a remote attacker to escalate privileges via... Critical Unreviewed
CVE-2024-55215 was published Feb 8, 2025
The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager through V10 R1.54.1 and... High Unreviewed
CVE-2025-23093 was published Feb 6, 2025
MobSF Local Privilege Escalation High
CVE-2025-24805 was published for mobsf (pip) Feb 5, 2025
Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to... High Unreviewed
CVE-2024-11467 was published Feb 5, 2025
With address book access, SMB/FTP settings could be modified, redirecting scans and possibly... High Unreviewed
CVE-2024-12511 was published Feb 3, 2025
The WooCommerce Customers Manager plugin for WordPress is vulnerable to Privilege Escalation due... High Unreviewed
CVE-2024-13343 was published Feb 1, 2025
VMware Aria Operations for Logs contains a privilege escalation vulnerability. A malicious actor... Moderate Unreviewed
CVE-2025-22220 was published Jan 30, 2025
A vulnerability in the NetExtender Windows client log export function allows unauthorized access... High Unreviewed
CVE-2025-23007 was published Jan 30, 2025
Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This... High Unreviewed
CVE-2025-0834 was published Jan 30, 2025
An improper privilege management vulnerability in OTRS Generic Interface module allows change of... Low Unreviewed
CVE-2024-43446 was published Jan 27, 2025
Directus allows privilege escalation using Share feature Moderate
CVE-2025-24353 was published for @directus/app (npm) Jan 23, 2025
viters m3t3kh4n
Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File... Moderate Unreviewed
CVE-2025-0651 was published Jan 22, 2025
In onCreate of NotificationAccessConfirmationActivity.java , there is a possible way to hide an... High Unreviewed
CVE-2024-49742 was published Jan 22, 2025
Buildah allows build breakout using malicious Containerfiles and concurrent builds High
CVE-2024-11218 was published for github.com/containers/buildah (Go) Jan 21, 2025
eriksjolund
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database