Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,080
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

527 advisories

Loading
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13226 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13227 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13228 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13230 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13229 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to... High Unreviewed
CVE-2025-13223 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to... High Unreviewed
CVE-2025-13224 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform... High Unreviewed
CVE-2025-12428 was published Nov 10, 2025
SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of... High Unreviewed
CVE-2022-50590 was published Nov 6, 2025
A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr&... Critical Unreviewed
CVE-2025-47151 was published Nov 5, 2025
uv has differential in tar extraction with PAX headers Low
GHSA-w476-p2h3-79g9 was published for uv (pip) Oct 21, 2025
woodruffw zanieb
Credited to woodruffw and zanieb
astral-tokio-tar Vulnerable to PAX Header Desynchronization High
CVE-2025-62518 was published for astral-tokio-tar (Rust) Oct 21, 2025
woodruffw tycho
azenla anners mnm678 zanieb
Credited to woodruffw, tycho, azenla, anners, mnm678, and zanieb
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an... High Unreviewed
CVE-2025-59231 was published Oct 14, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an... High Unreviewed
CVE-2025-59233 was published Oct 14, 2025
A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func... Low Unreviewed
CVE-2025-11731 was published Oct 14, 2025
python-ldap has sanitization bypass in ldap.filter.escape_filter_chars Moderate
CVE-2025-61911 was published for python-ldap (pip) Oct 10, 2025
lukas-eu
Credited to lukas-eu
Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to... High Unreviewed
CVE-2025-10585 was published Sep 24, 2025
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Type Confusion... High Unreviewed
CVE-2025-8354 was published Sep 23, 2025
@digitalocean/do-markdownit has Type Confusion vulnerability Moderate
CVE-2025-59717 was published for @digitalocean/do-markdownit (npm) Sep 19, 2025
cai0duque
Credited to cai0duque
Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-8002 was published Sep 17, 2025
Ashlar-Vellum Cobalt LI File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-8000 was published Sep 17, 2025
Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-8005 was published Sep 17, 2025
Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-7999 was published Sep 17, 2025
Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-7995 was published Sep 17, 2025
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS... Moderate Unreviewed
CVE-2025-43355 was published Sep 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database