GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,781
Maven: 5,000+
npm: 4,386
NuGet: 772
pip: 4,164
Pub: 12
RubyGems: 965
Rust: 1,073
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

3,878 advisories

A user with a legitimate non-administrator account can exploit a vulnerability in the user ID...
Unknown | Unreviewed | CVE-2025-47411 was published | Jan 1, 2026

theshit vulnerable to unsafe loading of user-owned Python rules when running as root
Moderate | CVE-2025-69257 was published for theshit (Rust) | Dec 30, 2025

Self-hosted n8n has Legacy Code node that enables arbitrary file read/write
High | CVE-2025-68697 was published for n8n (npm) | Dec 26, 2025

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control...
Moderate | Unreviewed | CVE-2025-52599 was published | Dec 26, 2025

ADB(Android Debug Bridge) is affected by type privilege bypass, successful exploitation of this...
Low | Unreviewed | CVE-2025-57840 was published | Dec 24, 2025

An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation (LPE)...
High | Unreviewed | CVE-2025-67826 was published | Dec 22, 2025

The Flex Store Users plugin for WordPress is vulnerable to Privilege Escalation in all versions...
Critical | Unreviewed | CVE-2025-13619 was published | Dec 20, 2025

There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper...
Moderate | Unreviewed | CVE-2025-66173 was published | Dec 19, 2025

HiSecOS 04.0.01 contains a privilege escalation vulnerability that allows authenticated users to...
High | Unreviewed | CVE-2023-53908 was published | Dec 18, 2025

An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1...
High | Unreviewed | CVE-2025-67792 was published | Dec 17, 2025

An issue was discovered in DriveLock 24.1 through 24.1.*, 24.2 through 24.2.*, and 25.1 before 25...
Critical | Unreviewed | CVE-2025-67793 was published | Dec 17, 2025

An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1...
Critical | Unreviewed | CVE-2025-67781 was published | Dec 17, 2025

The component com.transsion.tranfacmode.entrance.main.MainActivity in com.transsion.tranfacmode...
Moderate | Unreviewed | CVE-2025-14817 was published | Dec 17, 2025

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3,...
High | Unreviewed | CVE-2025-43512 was published | Dec 12, 2025

The WP CarDealer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to...
Critical | Unreviewed | CVE-2025-13764 was published | Dec 11, 2025

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent...
High | Unreviewed | CVE-2025-12952 was published | Dec 10, 2025

Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows...
Moderate | Unreviewed | CVE-2025-12381 was published | Dec 9, 2025

Input verification vulnerability in the compression and decompression module. Impact: Successful...
High | Unreviewed | CVE-2025-66324 was published | Dec 8, 2025

A vulnerability in Apigee-X allowed an attacker to gain unauthorized read and write access to...
High | Unreviewed | CVE-2025-13292 was published | Dec 6, 2025

A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper...
Moderate | Unreviewed | CVE-2025-62686 was published | Dec 3, 2025

A local privilege escalation vulnerability exists in the InstallationHelper service included with...
Moderate | Unreviewed | CVE-2025-55076 was published | Dec 3, 2025

An Improper Input Validation vulnerability exists in the user websocket handler of MAAS. An...
High | Unreviewed | CVE-2025-7044 was published | Dec 3, 2025

The DesignThemes LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions...
Critical | Unreviewed | CVE-2025-13542 was published | Dec 2, 2025

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through...
Critical | Unreviewed | CVE-2025-59693 was published | Dec 2, 2025

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a...
High | Unreviewed | CVE-2025-59697 was published | Dec 2, 2025

ProTip! Advisories are also available from the GraphQL API