Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,472
Erlang
33
GitHub Actions
24
Go
2,195
Maven
5,000+
npm
3,841
NuGet
696
pip
3,632
Pub
12
RubyGems
911
Rust
910
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,514 advisories

Loading
In version v0.0.14 of transformeroptimus/superagi, there is an improper privilege management... Moderate Unreviewed
CVE-2024-9431 was published Mar 20, 2025
Open WebUI Allows Admin Deletion via API Endpoint High
CVE-2024-7039 was published for open-webui (pip) Mar 20, 2025
In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with... Moderate Unreviewed
CVE-2024-10273 was published Mar 20, 2025
XWiki uses the wrong wiki reference in AuthorizationManager High
CVE-2025-29924 was published for org.xwiki.platform:xwiki-platform-security-authorization-api (Maven) Mar 19, 2025
Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress... Moderate Unreviewed
CVE-2025-2324 was published Mar 19, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an... Moderate Unreviewed
CVE-2024-48828 was published Mar 17, 2025
An issue in Open Panel v.0.3.4 allows a remote attacker to escalate privileges via the Fix... Moderate Unreviewed
CVE-2025-25872 was published Mar 14, 2025
The Realteo - Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is... Critical Unreviewed
CVE-2025-2232 was published Mar 14, 2025
The Industrial theme for WordPress is vulnerable to unauthorized modification of data that can... High Unreviewed
CVE-2024-13376 was published Mar 14, 2025
An issue in SoundCloud IOS application v.7.65.2 allows a local attacker to escalate privileges... Moderate Unreviewed
CVE-2024-57062 was published Mar 13, 2025
Xerox Desktop Print Experience application contains a Local Privilege Escalation (LPE)... Moderate Unreviewed
CVE-2025-1984 was published Mar 12, 2025
Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate... Moderate Unreviewed
CVE-2025-21199 was published Mar 11, 2025
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This... Moderate Unreviewed
CVE-2025-26704 was published Mar 11, 2025
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This... Moderate Unreviewed
CVE-2025-26705 was published Mar 11, 2025
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This... Moderate Unreviewed
CVE-2025-26703 was published Mar 11, 2025
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This... Moderate Unreviewed
CVE-2025-26706 was published Mar 11, 2025
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This... Moderate Unreviewed
CVE-2025-26707 was published Mar 11, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18,... Moderate Unreviewed
CVE-2024-54560 was published Mar 10, 2025
The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to,... Critical Unreviewed
CVE-2025-0177 was published Mar 8, 2025
The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation... High Unreviewed
CVE-2024-13835 was published Mar 8, 2025
Test CVE description Moderate Unreviewed
CVE-2025-1121 was published Mar 7, 2025
The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all... Critical Unreviewed
CVE-2024-11951 was published Mar 5, 2025
The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and... Critical Unreviewed
CVE-2024-12281 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0... High Unreviewed
CVE-2025-27639 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... High Unreviewed
CVE-2025-27644 was published Mar 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database