GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,963
Erlang: 39
GitHub Actions: 38
Go: 2,614
Maven: 5,000+
npm: 4,254
NuGet: 760
pip: 4,031
Pub: 12
RubyGems: 953
Rust: 1,049
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
            104 advisories
                    
When the address bar was hidden due to scrolling on Android, a malicious page could create a fake...
Moderate • Unreviewed • CVE-2025-11718 was published Oct 14, 2025
                    
The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that...
High • Unreviewed • CVE-2025-11720 was published Oct 14, 2025
                    
WSO2 Identity Server Apps allows content spoofing in logs
Moderate • CVE-2024-6429 was published for org.wso2.identity.apps:authentication-portal (Maven) Sep 23, 2025
                    
Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but...
Moderate • Unreviewed • CVE-2025-10290 was published Sep 16, 2025
                    
The issue was addressed by adding additional logic. This issue is fixed in Safari 26, macOS Tahoe...
Moderate • Unreviewed • CVE-2025-43327 was published Sep 16, 2025
                    
Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. This...
High • Unreviewed • CVE-2025-9491 was published Aug 26, 2025
                    
Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability...
Moderate • Unreviewed • CVE-2025-9186 was published Aug 19, 2025
                    
A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a...
Moderate • Unreviewed • CVE-2025-8364 was published Aug 19, 2025
                    
In the address bar, Firefox for Android truncated the display of URLs from the end instead of...
Moderate • Unreviewed • CVE-2025-8041 was published Aug 19, 2025
                    
Spoofing issue in the Address Bar component. This vulnerability affects Firefox < 142 and Firefox...
Moderate • Unreviewed • CVE-2025-9183 was published Aug 19, 2025
                    
User interface (ui) misrepresentation of critical information in Microsoft Edge for Android...
Moderate • Unreviewed • CVE-2025-49755 was published Aug 12, 2025
                    
Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66...
Moderate • Unreviewed • CVE-2025-8582 was published Aug 7, 2025
                    
Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a...
Moderate • Unreviewed • CVE-2025-8583 was published Aug 7, 2025
                    
The issue was addressed with improved UI. This issue is fixed in iOS 18.6 and iPadOS 18.6....
Moderate • Unreviewed • CVE-2025-43228 was published Jul 30, 2025
                    
Withdrawn Advisory: JHipster allows privilege escalation via a modified authorities parameter
Low • CVE-2025-43712 was published for generator-jhipster (npm) Jul 25, 2025 • withdrawn
                    
Focus incorrectly truncated URLs towards the beginning instead of around the origin. This...
Critical • Unreviewed • CVE-2025-8043 was published Jul 22, 2025
                    
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate • Unreviewed • CVE-2025-47964 was published Jul 11, 2025
                    
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to...
Moderate • Unreviewed • CVE-2025-47963 was published Jul 11, 2025
                    
IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the...
Moderate • Unreviewed • CVE-2024-39730 was published Jun 28, 2025
                    
A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf...
Moderate • Unreviewed • CVE-2025-5986 was published Jun 11, 2025
                    
Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55...
Moderate • Unreviewed • CVE-2025-5066 was published May 27, 2025
                    
Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55...
Moderate • Unreviewed • CVE-2025-5065 was published May 27, 2025
                    
A business logic error in GitLab CE/EE affecting all versions starting from 12.1 prior to 17.10.7...
Low • Unreviewed • CVE-2024-9163 was published May 23, 2025
                    
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based)...
Moderate • Unreviewed • CVE-2025-29825 was published May 2, 2025
                    
Websites directing users to long URLs that caused eliding to occur in the location view could...
Moderate • Unreviewed • CVE-2025-3859 was published Apr 30, 2025
        
ProTip! Advisories are also available from the GraphQL API