Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,413 advisories

Loading
An issue in trojan v.2.0.0 through v.2.15.3 allows a remote attacker to escalate privileges via... Critical Unreviewed
CVE-2024-55215 was published Feb 8, 2025
MobSF Local Privilege Escalation High
CVE-2025-24805 was published for mobsf (pip) Feb 5, 2025
Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to... High Unreviewed
CVE-2024-11467 was published Feb 5, 2025
With address book access, SMB/FTP settings could be modified, redirecting scans and possibly... High Unreviewed
CVE-2024-12511 was published Feb 3, 2025
The WooCommerce Customers Manager plugin for WordPress is vulnerable to Privilege Escalation due... High Unreviewed
CVE-2024-13343 was published Feb 1, 2025
VMware Aria Operations for Logs contains a privilege escalation vulnerability. A malicious actor... Moderate Unreviewed
CVE-2025-22220 was published Jan 30, 2025
A vulnerability in the NetExtender Windows client log export function allows unauthorized access... High Unreviewed
CVE-2025-23007 was published Jan 30, 2025
Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This... High Unreviewed
CVE-2025-0834 was published Jan 30, 2025
An improper privilege management vulnerability in OTRS Generic Interface module allows change of... Low Unreviewed
CVE-2024-43446 was published Jan 27, 2025
Directus allows privilege escalation using Share feature Moderate
CVE-2025-24353 was published for directus (npm) Jan 23, 2025
viters
Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File... Moderate Unreviewed
CVE-2025-0651 was published Jan 22, 2025
Buildah allows build breakout using malicious Containerfiles and concurrent builds High
CVE-2024-11218 was published for github.com/containers/buildah (Go) Jan 21, 2025
eriksjolund
Zot IdP group membership revocation ignored High
CVE-2025-23208 was published for zotregistry.dev/zot (Go) Jan 17, 2025
jeff-mccoy
The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in... Critical Unreviewed
CVE-2024-9636 was published Jan 15, 2025
Windows Web Threat Defense User Service Information Disclosure Vulnerability High Unreviewed
CVE-2025-21343 was published Jan 14, 2025
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21360 was published Jan 14, 2025
Windows Installer Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21287 was published Jan 14, 2025
An improper privilege management vulnerability in the web management interface of the Zyxel... High Unreviewed
CVE-2024-12398 was published Jan 14, 2025
A vulnerability in the BitdefenderVirusScanner binary as used in Bitdefender Virus Scanner for... High Unreviewed
CVE-2024-11128 was published Jan 14, 2025
A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low... High Unreviewed
CVE-2024-53706 was published Jan 9, 2025
Vulnerability of improper permission control in the window management module Impact: Successful... High Unreviewed
CVE-2024-56447 was published Jan 8, 2025
In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app... Moderate Unreviewed
CVE-2025-22621 was published Jan 7, 2025
An engine link following vulnerability in Trend Micro Apex One could allow a local attacker to... High Unreviewed
CVE-2024-55631 was published Dec 31, 2024
A security agent link following vulnerability in Trend Micro Apex One could allow a local... High Unreviewed
CVE-2024-55632 was published Dec 31, 2024
An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data... Moderate Unreviewed
CVE-2024-13058 was published Dec 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database