GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,679
Erlang: 34
GitHub Actions: 26
Go: 2,268
Maven: 5,000+
npm: 3,923
NuGet: 705
pip: 3,686
Pub: 12
RubyGems: 916
Rust: 944
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
3,590 advisories

An attacker with control over a content process could potentially leverage the privileged UITour...
High | Unreviewed | CVE-2025-4085 was published Apr 29, 2025

The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable...
Moderate | Unreviewed | CVE-2025-3438 was published May 2, 2025

The system framework layer has a vulnerability of serialization/deserialization mismatch....
Critical | Unreviewed | CVE-2022-44562 was published Nov 10, 2022

In Zoho ManageEngine Mobile Device Manager Plus before 10.1.2207.5, the User Administration...
High | Unreviewed | CVE-2022-41339 was published Nov 12, 2022

XWiki uses the wrong wiki reference in AuthorizationManager
High | CVE-2025-29924 was published for org.xwiki.platform:xwiki-platform-security-authorization-api (Maven) Mar 19, 2025

org.xwiki.platform:xwiki-platform-security-requiredrights-default required rights analysis doesn't consider TextAreas with default content type
Critical | CVE-2025-32974 was published for org.xwiki.platform:xwiki-platform-security-requiredrights-default (Maven) Apr 29, 2025

A potential security vulnerability has been identified in OMEN Gaming Hub and in HP Command...
Critical | Unreviewed | CVE-2021-3919 was published Dec 12, 2022

There is a Permission Management and Access Control vulnerability in the GoldenDB database...
Moderate | Unreviewed | CVE-2025-46576 was published Apr 27, 2025

The Vikinger theme for WordPress is vulnerable to privilege in all versions up to, and including,...
High | Unreviewed | CVE-2025-2238 was published Apr 25, 2025

A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that...
Critical | Unreviewed | CVE-2022-27773 was published Dec 6, 2022

An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to...
Critical | Unreviewed | CVE-2022-44929 was published Dec 2, 2022

An improper privilege management vulnerability was identified in GitHub Enterprise Server that...
Moderate | Unreviewed | CVE-2022-23737 was published Dec 1, 2022

The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all...
High | Unreviewed | CVE-2025-3101 was published Apr 24, 2025

The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege...
High | Unreviewed | CVE-2025-3761 was published Apr 24, 2025

Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3...
High | Unreviewed | CVE-2022-3641 was published Dec 12, 2022

SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to...
Critical | Unreviewed | CVE-2024-37858 was published Jul 29, 2024

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and...
High | Unreviewed | CVE-2022-42796 was published Nov 2, 2022

An issue in WorldCast Systems ECRESO FM/DAB/TV Transmitter v1.10.1 allows authenticated attackers...
High | Unreviewed | CVE-2025-28237 was published Apr 18, 2025

An improper privilege management vulnerability in the recovery function of the USG FLEX H series...
Moderate | Unreviewed | CVE-2025-1732 was published Apr 22, 2025

A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.2,...
High | Unreviewed | CVE-2022-42855 was published Dec 15, 2022

An access issue existed with privileged API calls. This issue was addressed with additional...
High | Unreviewed | CVE-2022-42849 was published Dec 15, 2022

A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions...
Critical | Unreviewed | CVE-2017-9944 was published May 13, 2022

Perspective ICM Investigation & Case 5.1.1.16 allows remote authenticated users to modify access...
High | Unreviewed | CVE-2017-11319 was published May 13, 2022

ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain root access by creating a...
High | Unreviewed | CVE-2017-17384 was published May 13, 2022

In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users ...
High | Unreviewed | CVE-2017-5254 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API