Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100 advisories

Loading
Incorrect Privilege Assignment vulnerability in pebas CouponXxL Custom Post Types allows... High Unreviewed
CVE-2025-52726 was published Jun 27, 2025
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates ... High Unreviewed
CVE-2025-41255 was published Jun 26, 2025
Incorrect Privilege Assignment vulnerability in RomanCode MapSVG allows Privilege Escalation.... High Unreviewed
CVE-2025-47561 was published Jun 9, 2025
Incorrect Privilege Assignment vulnerability in ifkooo One-Login allows Privilege Escalation.... High Unreviewed
CVE-2025-23974 was published Jun 9, 2025
Vulnerability of improper permission assignment in the note sharing module Impact: Successful... High Unreviewed
CVE-2025-48911 was published Jun 6, 2025
Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows... High Unreviewed
CVE-2025-47631 was published May 23, 2025
Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject:... High Unreviewed
CVE-2025-39366 was published May 19, 2025
Incorrect Privilege Assignment vulnerability in Contempo Themes Real Estate 7 allows Privilege... High Unreviewed
CVE-2025-39459 was published May 19, 2025
Incorrect Privilege Assignment vulnerability in mojoomla WPAMS allows Privilege Escalation.This... High Unreviewed
CVE-2025-39405 was published May 19, 2025
IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate... High Unreviewed
CVE-2025-2898 was published May 6, 2025
An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK... High Unreviewed
CVE-2025-0131 was published May 14, 2025
Nomad Enterprise (“Nomad”) jobs using the policy override option are bypassing the mandatory... High Unreviewed
CVE-2025-3744 was published May 13, 2025
An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to... High Unreviewed
CVE-2017-12711 was published May 13, 2022
Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat allows Privilege... High Unreviewed
CVE-2025-39542 was published Apr 17, 2025
Incorrect Privilege Assignment vulnerability in NotFound WP User Profiles allows Privilege... High Unreviewed
CVE-2025-31524 was published Apr 10, 2025
Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum allows Privilege Escalation... High Unreviewed
CVE-2025-31420 was published Apr 4, 2025
Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system allows... High Unreviewed
CVE-2025-31560 was published Apr 1, 2025
In multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to... High Unreviewed
CVE-2024-34738 was published Aug 16, 2024
Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions ... High Unreviewed
CVE-2025-2098 was published Mar 26, 2025
This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 17.4, iOS... High Unreviewed
CVE-2024-23288 was published Mar 8, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an... High Unreviewed
CVE-2024-49561 was published Mar 17, 2025
The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-1653 was published Mar 15, 2025
GMOD Apollo does not have sufficient logical or access checks when updating a user's information.... High Unreviewed
CVE-2025-21092 was published Mar 5, 2025
In onAttach of SettingsPreferenceFragment.java, there is a possible bypass of Factory Reset... High Unreviewed
CVE-2023-20957 was published Mar 24, 2023
This vulnerability exists in RupeeWeb trading platform due to insufficient authorization controls... High Unreviewed
CVE-2025-26523 was published Feb 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database