Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

155 advisories

Loading
Grav vulnerable to Privilege Escalation in Grav Admin: Missing Username Uniqueness Check Allows Admin Account Takeover High
CVE-2025-66296 was published for getgrav/grav (Composer) Dec 2, 2025
NicatAliyevh
Credited to NicatAliyevh
Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to... High Unreviewed
CVE-2025-45311 was published Nov 26, 2025
OpenBao is Vulnerable to Privileged Operator Identity Group Root Escalation High
CVE-2025-64761 was published for github.com/openbao/openbao (Go) Nov 24, 2025
cipherboy
Credited to cipherboy
A vulnerability was found in Sonarr 4.0.15.2940. The impacted element is an unknown function of... High Unreviewed
CVE-2025-13131 was published Nov 14, 2025
A vulnerability has been found in Radarr 5.28.0.10274. The affected element is an unknown... High Unreviewed
CVE-2025-13130 was published Nov 14, 2025
Observability Operator is vulnerable to Incorrect Privilege Assignment through its Custom Resource MonitorStack High
CVE-2025-2843 was published for github.com/rhobs/observability-operator (Go) Nov 12, 2025
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The... High Unreviewed
CVE-2024-32009 was published Nov 11, 2025
Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a... High Unreviewed
CVE-2025-62034 was published Nov 6, 2025
Incorrect Privilege Assignment vulnerability in bPlugins Advanced scrollbar advanced-scrollbar... High Unreviewed
CVE-2025-49900 was published Nov 6, 2025
Nagios Log Server versions prior to 2024R1.0.2 contain a local privilege escalation vulnerability... High Unreviewed
CVE-2024-58273 was published Oct 31, 2025
IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege... High Unreviewed
CVE-2025-36007 was published Oct 27, 2025
Incorrect Privilege Assignment vulnerability in bPlugins Voice Feedback voice-feedback allows... High Unreviewed
CVE-2025-62007 was published Oct 22, 2025
Incorrect Privilege Assignment vulnerability in pebas CouponXxL couponxxl allows Privilege... High Unreviewed
CVE-2025-60220 was published Oct 22, 2025
Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows... High Unreviewed
CVE-2025-59580 was published Oct 22, 2025
Incorrect Privilege Assignment vulnerability in Dokan, Inc. Dokan dokan-lite allows Privilege... High Unreviewed
CVE-2025-53425 was published Oct 22, 2025
Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration... High Unreviewed
CVE-2025-53428 was published Oct 22, 2025
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce... High Unreviewed
CVE-2025-49924 was published Oct 22, 2025
Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress... High Unreviewed
CVE-2025-48082 was published Oct 22, 2025
Potential vulnerabilities have been identified in the audio package for certain HP PC products... High Unreviewed
CVE-2025-10576 was published Oct 15, 2025
Potential vulnerabilities have been identified in the audio package for certain HP PC products... High Unreviewed
CVE-2025-10577 was published Oct 15, 2025
Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1... High Unreviewed
CVE-2025-43914 was published Oct 7, 2025
A vulnerability was determined in Topaz SERVCore Teller 2.14.0-RC2/2.14.1. Affected by this issue... High Unreviewed
CVE-2025-10941 was published Sep 25, 2025
NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges... High Unreviewed
CVE-2025-58323 was published Aug 29, 2025
NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges... High Unreviewed
CVE-2025-58322 was published Aug 28, 2025
Incorrect privilege assignment vulnerability exists in ScanSnap Manager installers versions prior... High Unreviewed
CVE-2025-57797 was published Aug 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database