Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,820
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,049
NuGet
723
pip
3,843
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

90 advisories

Loading
JHipster allows privilege escalation via a modified authorities parameter Low
CVE-2025-43712 was published for generator-jhipster (npm) Jul 25, 2025
Focus incorrectly truncated URLs towards the beginning instead of around the origin. This... Critical Unreviewed
CVE-2025-8043 was published Jul 22, 2025
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-47963 was published Jul 11, 2025
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2025-47964 was published Jul 11, 2025
IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the... Moderate Unreviewed
CVE-2024-39730 was published Jun 28, 2025
A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf... Moderate Unreviewed
CVE-2025-5986 was published Jun 11, 2025
Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55... Moderate Unreviewed
CVE-2025-5066 was published May 27, 2025
Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55... Moderate Unreviewed
CVE-2025-5065 was published May 27, 2025
A business logic error in GitLab CE/EE affecting all versions starting from 12.1 prior to 17.10.7... Low Unreviewed
CVE-2024-9163 was published May 23, 2025
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based)... Moderate Unreviewed
CVE-2025-29825 was published May 2, 2025
Websites directing users to long URLs that caused eliding to occur in the location view could... Moderate Unreviewed
CVE-2025-3859 was published Apr 30, 2025
A specially crafted filename containing a large number of encoded newline characters could... Moderate Unreviewed
CVE-2025-4086 was published Apr 29, 2025
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through... Low Unreviewed
CVE-2025-46394 was published Apr 23, 2025
When an email contains multiple attachments with external links via the X-Mozilla-External... Moderate Unreviewed
CVE-2025-3523 was published Apr 15, 2025
User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an... Moderate Unreviewed
CVE-2025-29796 was published Apr 4, 2025
Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a... Moderate Unreviewed
CVE-2025-3072 was published Apr 2, 2025
Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote... Moderate Unreviewed
CVE-2025-3073 was published Apr 2, 2025
Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a... Moderate Unreviewed
CVE-2025-3074 was published Apr 2, 2025
The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and... Moderate Unreviewed
CVE-2025-30467 was published Apr 1, 2025
A clickjacking issue was addressed with improved out-of-process view handling. This issue is... High Unreviewed
CVE-2024-54558 was published Mar 10, 2025
Inappropriate implementation in Selection in Google Chrome on Android prior to 134.0.6998.35... Moderate Unreviewed
CVE-2025-1922 was published Mar 5, 2025
A web page could trick a user into setting that site as the default handler for a custom URL... Moderate Unreviewed
CVE-2025-1935 was published Mar 4, 2025
Microsoft Outlook Spoofing Vulnerability Moderate Unreviewed
CVE-2025-21259 was published Feb 11, 2025
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2025-21404 was published Feb 7, 2025
Microsoft Edge for IOS and Android Spoofing Vulnerability Moderate Unreviewed
CVE-2025-21253 was published Feb 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database