Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,239
NuGet
754
pip
4,003
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,799 advisories

Loading
The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for... High Unreviewed
CVE-2025-6042 was published Oct 15, 2025
Creativeitem Academy LMS up to and including 5.13 contains a privilege escalation vulnerability... Moderate Unreviewed
CVE-2025-56747 was published Oct 14, 2025
A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx.... High Unreviewed
CVE-2025-9067 was published Oct 14, 2025
A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer... High Unreviewed
CVE-2025-9068 was published Oct 14, 2025
The WP Freeio plugin for WordPress is vulnerable to Privilege Escalation in all versions up to,... Critical Unreviewed
CVE-2025-11533 was published Oct 11, 2025
python-jose thru 3.3.0 allows JWT tokens with 'alg=none' to be decoded and accepted without any... Moderate Unreviewed
CVE-2025-61152 was published Oct 10, 2025
Azure PlayFab Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-59247 was published Oct 9, 2025
A flaw was found in the integration of Active Directory and the System Security Services Daemon ... High Unreviewed
CVE-2025-11561 was published Oct 9, 2025
Deno's --deny-read check does not prevent permission bypass Low
CVE-2025-61786 was published for deno (Rust) Oct 8, 2025
dellalibera
Credited to dellalibera
Tesla Telematics Control Unit (TCU) firmware prior to v2025.14 contains an authentication bypass... High Unreviewed
CVE-2025-34251 was published Oct 7, 2025
FrostWire 6.14.0-build-326 for macOS contains permissive entitlements (allow-dyld-environment... Moderate Unreviewed
CVE-2025-57443 was published Oct 2, 2025
A potential security vulnerability has been identified in the HP Support Assistant for versions... Moderate Unreviewed
CVE-2025-10578 was published Oct 1, 2025
Local privilege escalation due to insecure XPC service configuration. The following products are... High Unreviewed
CVE-2025-7779 was published Sep 30, 2025
In a hardened Docker environment, with Enhanced Container Isolation ( ECI https://docs.docker.com... High Unreviewed
CVE-2025-10657 was published Sep 26, 2025
In DriveLock 24.1.4 before 24.1.5, 24.2.5 before 24.2.6, and 25.1.2 before 25.1.4, attackers can... Critical Unreviewed
CVE-2025-55187 was published Sep 26, 2025
ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in... Low Unreviewed
CVE-2025-5494 was published Sep 25, 2025
Improper privilege management vulnerability in Novakon P series allows attackers to gain root... High Unreviewed
CVE-2025-9966 was published Sep 23, 2025
Improper Privilege Management vulnerability in GE Vernova S1 Agile Configuration Software on... High Unreviewed
CVE-2025-9038 was published Sep 22, 2025
Tandoor Recipes 2.0.0-alpha-1, fixed in 2.0.0-alpha-2, is vulnerable to privilege escalation.... Moderate Unreviewed
CVE-2025-57396 was published Sep 19, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS... High Unreviewed
CVE-2025-34204 was published Sep 19, 2025
An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via... High Unreviewed
CVE-2025-54761 was published Sep 19, 2025
SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator... High Unreviewed
CVE-2025-10650 was published Sep 18, 2025
A vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways... High Unreviewed
CVE-2025-37123 was published Sep 17, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-43333 was published Sep 16, 2025
An issue in PHPGurukul Online-Library-Management-System v3.0 allows an attacker to escalate... Critical Unreviewed
CVE-2025-57118 was published Sep 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database