Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

59 advisories

Loading
Local privilege escalation in Genetec Sipelia Plugin. An authenticated low-privileged Windows... Moderate Unreviewed
CVE-2025-1790 was published Feb 13, 2026
Brocade Fabric OS before 9.2.1 has a vulnerability that could allow a local authenticated... Moderate Unreviewed
CVE-2025-58379 was published Feb 3, 2026
A vulnerability exists in F5 BIG-IP Container Ingress Services that may allow excessive... Moderate Unreviewed
CVE-2026-22549 was published Feb 4, 2026
Dask Distributed is Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard Moderate
CVE-2026-23528 was published for distributed (pip) Jan 16, 2026
IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through... Moderate Unreviewed
CVE-2025-36059 was published Jan 20, 2026
Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30... Moderate Unreviewed
CVE-2025-46696 was published Jan 6, 2026
A local privilege escalation vulnerability due to insufficient authorization in the SonicWall... Moderate Unreviewed
CVE-2025-40602 was published Dec 18, 2025
A Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation... Moderate Unreviewed
CVE-2025-62876 was published Nov 12, 2025
The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator... Moderate Unreviewed
CVE-2025-9055 was published Nov 11, 2025
The scanner device boots into a kiosk mode by default and opens the Scan2Net interface in a... Moderate Unreviewed
CVE-2024-28140 was published Dec 11, 2024
Apache Airflow's create action can upsert existing Pools/Connections/Variables Moderate
CVE-2025-62503 was published for apache-airflow (pip) Oct 30, 2025
Apache Airflow `/api/v2/dagReports` executes DAG Python in API Moderate
CVE-2025-62402 was published for apache-airflow (pip) Oct 30, 2025
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network... Moderate Unreviewed
CVE-2025-6894 was published Oct 17, 2025
open-webui Insecure Direct Object Reference (IDOR) vulnerability Moderate
CVE-2024-7041 was published for open-webui (pip) Oct 9, 2024
A potential privilege escalation through Sudo vulnerability has been identified in the Poly... Moderate Unreviewed
CVE-2025-43487 was published Jul 23, 2025
A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an... Moderate Unreviewed
CVE-2025-37128 was published Sep 17, 2025
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged... Moderate Unreviewed
CVE-2024-47120 was published Sep 10, 2025
Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges... Moderate Unreviewed
CVE-2025-21110 was published Aug 14, 2025
ACAP applications can be executed with elevated privileges, potentially leading to privilege... Moderate Unreviewed
CVE-2025-3892 was published Aug 12, 2025
SAP GUI for Windows may allow the leak of NTML hashes when specific ABAP frontend services are... Moderate Unreviewed
CVE-2025-42943 was published Aug 12, 2025
Tyler Technologies ERP Pro 9 SaaS allows an authenticated user to escape the application and... Moderate Unreviewed
CVE-2025-55077 was published Aug 7, 2025
The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it... Moderate Unreviewed
CVE-2025-24331 was published Jul 2, 2025
Execution with Unnecessary Privileges vulnerability in the Pager agent of multi-agent... Moderate Unreviewed
CVE-2025-0921 was published May 16, 2025
Harden-Runner allows evasion of 'disable-sudo' policy Moderate
CVE-2025-32955 was published for step-security/harden-runner (GitHub Actions) Apr 22, 2025
loresuso darryk10
Credited to loresuso and darryk10
A local privilege escalation vulnerability in SonicWall NetExtender Windows (32 and 64 bit)... Moderate Unreviewed
CVE-2025-23009 was published Apr 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database