Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,080
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100 advisories

Loading
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54... High Unreviewed
CVE-2025-11209 was published Nov 7, 2025
Object lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker... High Unreviewed
CVE-2025-12430 was published Nov 10, 2025
An issue was discovered in AnyDesk through 9.0.4. When the connection between two clients is... High Unreviewed
CVE-2025-27916 was published Nov 6, 2025
Truncation of a long URL could have allowed origin spoofing in a permission prompt. This... High Unreviewed
CVE-2024-10462 was published Oct 29, 2024
A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This... High Unreviewed
CVE-2024-10465 was published Oct 29, 2024
Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an... High Unreviewed
CVE-2025-3875 was published May 14, 2025
A crafted URL containing specific Unicode characters could have hidden the true origin of the... High Unreviewed
CVE-2025-3029 was published Apr 1, 2025
Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads... High Unreviewed
CVE-2022-2324 was published Jul 30, 2022
Therefore Corporation GmbH has recently become aware that Therefore™ Online and Therefore™ On... High Unreviewed
CVE-2025-11843 was published Oct 31, 2025
A security vulnerability was identified in Obsidian Scheduler's REST API 5.0.0 thru 6.3.0. If an... High Unreviewed
CVE-2025-56449 was published Sep 29, 2025
Windows AppX Installer Spoofing Vulnerability High Unreviewed
CVE-2021-43890 was published Dec 16, 2021
Windows LSA Spoofing Vulnerability. High Unreviewed
CVE-2022-26925 was published May 11, 2022
A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to... High Unreviewed
CVE-2025-37147 was published Oct 14, 2025
Wi-SUN unexpected 4- Way Handshake packet receptions may lead to predictable keys and potentially... High Unreviewed
CVE-2025-7448 was published Sep 12, 2025
On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503... High Unreviewed
CVE-2025-6188 was published Aug 26, 2025
An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval... High Unreviewed
CVE-2025-31511 was published Jul 22, 2025
IBM i 7.3, 7.4, 7.5, and 7.6 is affected by an authenticated user obtaining elevated privileges... High Unreviewed
CVE-2025-36119 was published Aug 8, 2025
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful... High Unreviewed
CVE-2023-4566 was published Jan 16, 2024
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful... High Unreviewed
CVE-2023-44117 was published Jan 16, 2024
Authentication bypass vulnerability in the DSoftBus module Impact: Successful exploitation of... High Unreviewed
CVE-2025-48906 was published Jun 6, 2025
Windows DNS Spoofing Vulnerability High Unreviewed
CVE-2023-35622 was published Dec 12, 2023
An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP... High Unreviewed
CVE-2025-28128 was published Apr 25, 2025
Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in... High Unreviewed
CVE-2025-29621 was published Apr 22, 2025
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by... High Unreviewed
CVE-2017-8422 was published May 13, 2022
There is a whitelist mechanism bypass in GameCenter ,successful exploitation of this... High Unreviewed
CVE-2025-2188 was published Apr 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database