GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
907 advisories
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2025-13534 was published Dec 2, 2025
Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks...
Moderate
Unreviewed
CVE-2025-59790 was published Nov 28, 2025
CMService.exe creates the C:\\usr directory and subdirectories with insecure permissions,...
Moderate
Unreviewed
CVE-2025-66265 was published Nov 26, 2025
python-jose thru 3.3.0 allows JWT tokens with 'alg=none' to be decoded and accepted without any...
Moderate
Unreviewed
CVE-2025-61152 was published Oct 10, 2025
The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary...
Moderate
Unreviewed
CVE-2017-7767 was published May 13, 2022
An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is...
Moderate
Unreviewed
CVE-2017-7782 was published May 13, 2022
The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local...
Moderate
Unreviewed
CVE-2017-5409 was published May 13, 2022
Kaseya Rapid Fire Tools Network Detective 2.0.16.0 has Unencrypted Credentials (for privileged...
Moderate
Unreviewed
CVE-2025-32353 was published Jul 16, 2025
A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute...
Moderate
Unreviewed
CVE-2025-20346 was published Nov 13, 2025
Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001...
Moderate
Unreviewed
CVE-2025-24863 was published Nov 11, 2025
The issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1,...
Moderate
Unreviewed
CVE-2023-42952 was published Feb 21, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Moderate
Unreviewed
CVE-2023-31005 was published Feb 3, 2024
In Malwarebytes For Teams v.1.0.990 and before and fixed in v.1.0.1003 and later a privilege...
Moderate
Unreviewed
CVE-2021-43768 was published Oct 24, 2025
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Moderate
Unreviewed
CVE-2025-61759 was published Oct 21, 2025
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Moderate
Unreviewed
CVE-2025-62592 was published Oct 21, 2025
Privilege escalation to NetworkService Account access in Citrix Session Recording when an...
Moderate
Unreviewed
CVE-2024-8068 was published Nov 12, 2024
An elevation of privilege vulnerability exists in the way the Update Notification Manager handles...
Moderate
Unreviewed
CVE-2020-0638 was published May 24, 2022
Improper Privilege Management vulnerability in Centreon web allows Privilege Escalation. ACL are...
Moderate
Unreviewed
CVE-2025-4649 was published May 13, 2025
In version v0.0.14 of transformeroptimus/superagi, there is an improper privilege management...
Moderate
Unreviewed
CVE-2024-9431 was published Mar 20, 2025
In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with...
Moderate
Unreviewed
CVE-2024-10273 was published Mar 20, 2025
In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API...
Moderate
Unreviewed
CVE-2024-7048 was published Oct 10, 2024
Creativeitem Academy LMS up to and including 5.13 contains a privilege escalation vulnerability...
Moderate
Unreviewed
CVE-2025-56747 was published Oct 14, 2025
Improper Privilege Management vulnerability in SAMPAŞ Holding AKOS allows Collect Data as...
Moderate
Unreviewed
CVE-2024-4259 was published Sep 3, 2024
Improper Privilege Management vulnerability in Menulux Information Technologies Managment Portal...
Moderate
Unreviewed
CVE-2024-4428 was published Aug 29, 2024
When a notification relating to low battery appears for a user with whom the device has been...
Moderate
Unreviewed
CVE-2025-4975 was published May 23, 2025