Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,669
Erlang
34
GitHub Actions
26
Go
2,261
Maven
5,000+
npm
3,910
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,584 advisories

Loading
The Vikinger theme for WordPress is vulnerable to privilege in all versions up to, and including,... High Unreviewed
CVE-2025-2238 was published Apr 25, 2025
The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all... High Unreviewed
CVE-2025-3101 was published Apr 24, 2025
The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege... High Unreviewed
CVE-2025-3761 was published Apr 24, 2025
An improper privilege management vulnerability in the recovery function of the USG FLEX H series... Moderate Unreviewed
CVE-2025-1732 was published Apr 22, 2025
The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up... Critical Unreviewed
CVE-2025-3278 was published Apr 19, 2025
An issue in WorldCast Systems ECRESO FM/DAB/TV Transmitter v1.10.1 allows authenticated attackers... High Unreviewed
CVE-2025-28237 was published Apr 18, 2025
Omnissa Horizon Client for Windows contains an LPE Vulnerability. A malicious actor with local... High Unreviewed
CVE-2025-25230 was published Apr 17, 2025
An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the... Critical Unreviewed
CVE-2025-28399 was published Apr 15, 2025
The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0... High Unreviewed
CVE-2025-3418 was published Apr 12, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and... Moderate Unreviewed
CVE-2023-38614 was published Apr 11, 2025
An app may be able to elevate privileges. This issue is fixed in macOS 14. This issue was... High Unreviewed
CVE-2023-41076 was published Apr 11, 2025
Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to... High Unreviewed
CVE-2025-29800 was published Apr 8, 2025
A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The... Moderate Unreviewed
CVE-2025-29999 was published Apr 8, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the menuId parameter Moderate Unreviewed
CVE-2025-28401 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the postID... Moderate Unreviewed
CVE-2025-28400 was published Apr 7, 2025
The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to,... Critical Unreviewed
CVE-2025-2798 was published Apr 4, 2025
The Vehica Core plugin for WordPress, used by the Vehica - Car Dealer & Listing WordPress Theme,... High Unreviewed
CVE-2025-3105 was published Apr 4, 2025
An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a... Low Unreviewed
CVE-2025-31286 was published Apr 2, 2025
A broken access control vulnerability previously discovered in the Trend Vision One Role Name... Low Unreviewed
CVE-2025-31285 was published Apr 2, 2025
A broken access control vulnerability previously discovered in the Trend Vision One User Roles... Low Unreviewed
CVE-2025-31283 was published Apr 2, 2025
A broken access control vulnerability previously discovered in the Trend Vision One User Account... Low Unreviewed
CVE-2025-31282 was published Apr 2, 2025
A broken access control vulnerability previously discovered in the Trend Vision One Status... Low Unreviewed
CVE-2025-31284 was published Apr 2, 2025
An issue in BambooHR Build v.25.0210.170831-83b08dd allows a remote attacker to escalate... High Unreviewed
CVE-2025-29033 was published Apr 1, 2025
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor... High Unreviewed
CVE-2025-22231 was published Apr 1, 2025
The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to authentication... Critical Unreviewed
CVE-2025-2237 was published Apr 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database