Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,670
Maven
5,000+
npm
4,296
NuGet
760
pip
4,075
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

117 advisories

Loading
Drupal core allows Content Spoofing Low
CVE-2025-13082 was published for drupal/core (Composer) Nov 18, 2025
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998... Moderate Unreviewed
CVE-2025-13102 was published Nov 14, 2025
Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a... Moderate Unreviewed
CVE-2025-13107 was published Nov 14, 2025
Inappropriate implementation in Fullscreen in Google Chrome prior to 128.0.6613.84 allowed a... Moderate Unreviewed
CVE-2024-13178 was published Nov 14, 2025
Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60... Moderate Unreviewed
CVE-2024-7021 was published Nov 14, 2025
Inappropriate implementation in Intents in Google Chrome on Android prior to 129.0.6668.58... Moderate Unreviewed
CVE-2024-11919 was published Nov 14, 2025
Incorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote... Moderate Unreviewed
CVE-2025-12446 was published Nov 10, 2025
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137... Moderate Unreviewed
CVE-2025-12729 was published Nov 10, 2025
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137... Moderate Unreviewed
CVE-2025-12728 was published Nov 10, 2025
Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a... Moderate Unreviewed
CVE-2025-12911 was published Nov 8, 2025
Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed... Moderate Unreviewed
CVE-2025-11212 was published Nov 7, 2025
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54... Moderate Unreviewed
CVE-2025-11213 was published Nov 7, 2025
Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote... Moderate Unreviewed
CVE-2025-11208 was published Nov 7, 2025
When the address bar was hidden due to scrolling on Android, a malicious page could create a fake... Moderate Unreviewed
CVE-2025-11718 was published Oct 14, 2025
The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that... High Unreviewed
CVE-2025-11720 was published Oct 14, 2025
WSO2 Identity Server Apps allows content spoofing in logs Moderate
CVE-2024-6429 was published for org.wso2.identity.apps:authentication-portal (Maven) Sep 23, 2025
cai0duque
Credited to cai0duque
Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but... Moderate Unreviewed
CVE-2025-10290 was published Sep 16, 2025
The issue was addressed by adding additional logic. This issue is fixed in Safari 26, macOS Tahoe... Moderate Unreviewed
CVE-2025-43327 was published Sep 16, 2025
Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-9491 was published Aug 26, 2025
Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability... Moderate Unreviewed
CVE-2025-9186 was published Aug 19, 2025
In the address bar, Firefox for Android truncated the display of URLs from the end instead of... Moderate Unreviewed
CVE-2025-8041 was published Aug 19, 2025
Spoofing issue in the Address Bar component. This vulnerability affects Firefox < 142 and Firefox... Moderate Unreviewed
CVE-2025-9183 was published Aug 19, 2025
A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a... Moderate Unreviewed
CVE-2025-8364 was published Aug 19, 2025
User interface (ui) misrepresentation of critical information in Microsoft Edge for Android... Moderate Unreviewed
CVE-2025-49755 was published Aug 12, 2025
Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66... Moderate Unreviewed
CVE-2025-8582 was published Aug 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database