Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,877
Erlang
37
GitHub Actions
38
Go
2,538
Maven
5,000+
npm
4,197
NuGet
743
pip
3,971
Pub
12
RubyGems
947
Rust
1,030
Swift
39
Unreviewed advisories
All unreviewed
5,000+

102 advisories

Loading
WSO2 Identity Server Apps allows content spoofing in logs Moderate
CVE-2024-6429 was published for org.wso2.identity.apps:authentication-portal (Maven) Sep 23, 2025
cai0duque
Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but... Moderate Unreviewed
CVE-2025-10290 was published Sep 16, 2025
The issue was addressed by adding additional logic. This issue is fixed in Safari 26, macOS Tahoe... Moderate Unreviewed
CVE-2025-43327 was published Sep 16, 2025
Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-9491 was published Aug 26, 2025
Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability... Moderate Unreviewed
CVE-2025-9186 was published Aug 19, 2025
In the address bar, Firefox for Android truncated the display of URLs from the end instead of... Moderate Unreviewed
CVE-2025-8041 was published Aug 19, 2025
Spoofing issue in the Address Bar component. This vulnerability affects Firefox < 142 and Firefox... Moderate Unreviewed
CVE-2025-9183 was published Aug 19, 2025
A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a... Moderate Unreviewed
CVE-2025-8364 was published Aug 19, 2025
User interface (ui) misrepresentation of critical information in Microsoft Edge for Android... Moderate Unreviewed
CVE-2025-49755 was published Aug 12, 2025
Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66... Moderate Unreviewed
CVE-2025-8582 was published Aug 7, 2025
Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a... Moderate Unreviewed
CVE-2025-8583 was published Aug 7, 2025
The issue was addressed with improved UI. This issue is fixed in iOS 18.6 and iPadOS 18.6.... Moderate Unreviewed
CVE-2025-43228 was published Jul 30, 2025
Withdrawn Advisory: JHipster allows privilege escalation via a modified authorities parameter Low
CVE-2025-43712 was published for generator-jhipster (npm) Jul 25, 2025 withdrawn
Focus incorrectly truncated URLs towards the beginning instead of around the origin. This... Critical Unreviewed
CVE-2025-8043 was published Jul 22, 2025
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-47963 was published Jul 11, 2025
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2025-47964 was published Jul 11, 2025
IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the... Moderate Unreviewed
CVE-2024-39730 was published Jun 28, 2025
A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf... Moderate Unreviewed
CVE-2025-5986 was published Jun 11, 2025
Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55... Moderate Unreviewed
CVE-2025-5066 was published May 27, 2025
Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55... Moderate Unreviewed
CVE-2025-5065 was published May 27, 2025
A business logic error in GitLab CE/EE affecting all versions starting from 12.1 prior to 17.10.7... Low Unreviewed
CVE-2024-9163 was published May 23, 2025
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based)... Moderate Unreviewed
CVE-2025-29825 was published May 2, 2025
Websites directing users to long URLs that caused eliding to occur in the location view could... Moderate Unreviewed
CVE-2025-3859 was published Apr 30, 2025
A specially crafted filename containing a large number of encoded newline characters could... Moderate Unreviewed
CVE-2025-4086 was published Apr 29, 2025
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through... Low Unreviewed
CVE-2025-46394 was published Apr 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database