Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

118 advisories

Loading
Hashicorp Vault has Privilege Escalation Vulnerability High
CVE-2025-5999 was published for github.com/hashicorp/vault (Go) Aug 1, 2025
Duplicate Advisory: users may append `root` to group listings High
GHSA-jq8x-v7jw-v675 was published for users (Rust) Jun 6, 2025 withdrawn
A vulnerability, which was classified as critical, was found in TOTOLINK N600R and X2000R 1.0.0.1... High Unreviewed
CVE-2025-8181 was published Jul 26, 2025
Advanced Installer before 22.6 has an uncontrolled search path element local privilege escalation... High Unreviewed
CVE-2025-47422 was published Jul 8, 2025
A vulnerability in the user management roles of Cisco DNA Center could allow an authenticated,... High Unreviewed
CVE-2021-1303 was published May 24, 2022
The misconfiguration in the sudoers configuration of the operating system in Infinera G42... High Unreviewed
CVE-2025-27021 was published Jul 2, 2025
Hashicorp Nomad Incorrect Privilege Assignment vulnerability High
CVE-2025-4922 was published for github.com/hashicorp/nomad (Go) Jun 11, 2025
dduzgun-security
Incorrect Privilege Assignment vulnerability in pebas CouponXxL Custom Post Types allows... High Unreviewed
CVE-2025-52726 was published Jun 27, 2025
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates ... High Unreviewed
CVE-2025-41255 was published Jun 26, 2025
XWiki allows privilege escalation through link refactoring High
CVE-2025-49580 was published for org.xwiki.platform:xwiki-platform-refactoring-default (Maven) Jun 13, 2025
Incorrect Privilege Assignment vulnerability in RomanCode MapSVG allows Privilege Escalation.... High Unreviewed
CVE-2025-47561 was published Jun 9, 2025
Incorrect Privilege Assignment vulnerability in ifkooo One-Login allows Privilege Escalation.... High Unreviewed
CVE-2025-23974 was published Jun 9, 2025
users may append `root` to group listings High
CVE-2025-5791 was published for users (Rust) Jun 5, 2025
Vulnerability of improper permission assignment in the note sharing module Impact: Successful... High Unreviewed
CVE-2025-48911 was published Jun 6, 2025
Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows... High Unreviewed
CVE-2025-47631 was published May 23, 2025
Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject:... High Unreviewed
CVE-2025-39366 was published May 19, 2025
Incorrect Privilege Assignment vulnerability in Contempo Themes Real Estate 7 allows Privilege... High Unreviewed
CVE-2025-39459 was published May 19, 2025
Incorrect Privilege Assignment vulnerability in mojoomla WPAMS allows Privilege Escalation.This... High Unreviewed
CVE-2025-39405 was published May 19, 2025
IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate... High Unreviewed
CVE-2025-2898 was published May 6, 2025
An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK... High Unreviewed
CVE-2025-0131 was published May 14, 2025
Nomad Enterprise (“Nomad”) jobs using the policy override option are bypassing the mandatory... High Unreviewed
CVE-2025-3744 was published May 13, 2025
An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to... High Unreviewed
CVE-2017-12711 was published May 13, 2022
Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat allows Privilege... High Unreviewed
CVE-2025-39542 was published Apr 17, 2025
Incorrect Privilege Assignment vulnerability in NotFound WP User Profiles allows Privilege... High Unreviewed
CVE-2025-31524 was published Apr 10, 2025
Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum allows Privilege Escalation... High Unreviewed
CVE-2025-31420 was published Apr 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database