Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,655
Maven
5,000+
npm
4,284
NuGet
760
pip
4,067
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

277,412 advisories

Loading
Observable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical... Moderate Unreviewed
CVE-2025-52457 was published Nov 18, 2025
The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2025-12974 was published Nov 18, 2025
Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High... Moderate Unreviewed
CVE-2025-52578 was published Nov 18, 2025
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due... Unknown Unreviewed
CVE-2025-48593 was published Nov 18, 2025
In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates... Critical Unreviewed
CVE-2025-48581 was published Sep 4, 2025
Missing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an... Low Unreviewed
CVE-2025-64734 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13227 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13229 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13230 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to... High Unreviewed
CVE-2025-13224 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to... High Unreviewed
CVE-2025-13223 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13228 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13226 was published Nov 18, 2025
In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: fix... Moderate Unreviewed
CVE-2022-50088 was published Jun 18, 2025
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address... High Unreviewed
CVE-2022-50085 was published Jun 18, 2025
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address... High Unreviewed
CVE-2022-50084 was published Jun 18, 2025
In the Linux kernel, the following vulnerability has been resolved: block: don't allow the same... Moderate Unreviewed
CVE-2022-50086 was published Jun 18, 2025
In the Linux kernel, the following vulnerability has been resolved: locking/csd_lock: Change... Moderate Unreviewed
CVE-2022-50091 was published Jun 18, 2025
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix... Moderate Unreviewed
CVE-2022-50141 was published Jun 18, 2025
In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free... Moderate Unreviewed
CVE-2022-50092 was published Jun 18, 2025
In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix potential... Moderate Unreviewed
CVE-2022-50138 was published Jun 18, 2025
In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in... High Unreviewed
CVE-2022-50082 was published Jun 18, 2025
In the Linux kernel, the following vulnerability has been resolved: spmi: trace: fix stack-out... High Unreviewed
CVE-2022-50094 was published Jun 18, 2025
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without... Low Unreviewed
CVE-2025-12792 was published Nov 18, 2025
A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0... High Unreviewed
CVE-2025-8693 was published Nov 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database