Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,614
Maven
5,000+
npm
4,254
NuGet
760
pip
4,031
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,813 advisories

Loading
An issue in NCR Atleos Terminal Manager (ConfigApp) v3.4.0 allows attackers to escalate... High Unreviewed
CVE-2025-61429 was published Oct 29, 2025
Local Privilege Escalation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . Critical Unreviewed
CVE-2025-12425 was published Oct 28, 2025
Privilege Escalation through SUID-bit Binary.This issue affects BLU-IC2: through 1.19.5; BLU-IC4:... Critical Unreviewed
CVE-2025-12424 was published Oct 28, 2025
By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with... High Unreviewed
CVE-2025-1037 was published Oct 28, 2025
In Malwarebytes For Teams v.1.0.990 and before and fixed in v.1.0.1003 and later a privilege... Moderate Unreviewed
CVE-2021-43768 was published Oct 24, 2025
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is... High Unreviewed
CVE-2025-11086 was published Oct 22, 2025
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... Moderate Unreviewed
CVE-2025-62592 was published Oct 21, 2025
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... Moderate Unreviewed
CVE-2025-61759 was published Oct 21, 2025
ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4... Low Unreviewed
CVE-2025-5496 was published Oct 21, 2025
An attacker may obtain the root shell on the underlying OS system with the restricted conditions... High Unreviewed
CVE-2025-7851 was published Oct 21, 2025
The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for... High Unreviewed
CVE-2025-6042 was published Oct 15, 2025
A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx.... High Unreviewed
CVE-2025-9067 was published Oct 14, 2025
Creativeitem Academy LMS up to and including 5.13 contains a privilege escalation vulnerability... Moderate Unreviewed
CVE-2025-56747 was published Oct 14, 2025
A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer... High Unreviewed
CVE-2025-9068 was published Oct 14, 2025
The WP Freeio plugin for WordPress is vulnerable to Privilege Escalation in all versions up to,... Critical Unreviewed
CVE-2025-11533 was published Oct 11, 2025
python-jose thru 3.3.0 allows JWT tokens with 'alg=none' to be decoded and accepted without any... Moderate Unreviewed
CVE-2025-61152 was published Oct 10, 2025
Azure PlayFab Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-59247 was published Oct 9, 2025
A flaw was found in the integration of Active Directory and the System Security Services Daemon ... High Unreviewed
CVE-2025-11561 was published Oct 9, 2025
Deno's --deny-read check does not prevent permission bypass Low
CVE-2025-61786 was published for deno (Rust) Oct 8, 2025
dellalibera
Credited to dellalibera
Tesla Telematics Control Unit (TCU) firmware prior to v2025.14 contains an authentication bypass... High Unreviewed
CVE-2025-34251 was published Oct 7, 2025
FrostWire 6.14.0-build-326 for macOS contains permissive entitlements (allow-dyld-environment... Moderate Unreviewed
CVE-2025-57443 was published Oct 2, 2025
A potential security vulnerability has been identified in the HP Support Assistant for versions... Moderate Unreviewed
CVE-2025-10578 was published Oct 1, 2025
Local privilege escalation due to insecure XPC service configuration. The following products are... High Unreviewed
CVE-2025-7779 was published Sep 30, 2025
In a hardened Docker environment, with Enhanced Container Isolation ( ECI https://docs.docker.com... High Unreviewed
CVE-2025-10657 was published Sep 26, 2025
In DriveLock 24.1.4 before 24.1.5, 24.2.5 before 24.2.6, and 25.1.2 before 25.1.4, attackers can... Critical Unreviewed
CVE-2025-55187 was published Sep 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database