Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

301,790 advisories

Loading
IQ-Support developed by IQ Service International has a Exposure of Sensitive Information... Moderate Unreviewed
CVE-2025-13160 was published Nov 14, 2025
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... High Unreviewed
CVE-2025-64444 was published Nov 14, 2025
The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File... Unknown Unreviewed
CVE-2025-10686 was published Nov 14, 2025
IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability,... High Unreviewed
CVE-2025-13161 was published Nov 14, 2025
The issue was addressed by refusing external connections by default. This issue is fixed in... High Unreviewed
CVE-2025-43515 was published Nov 13, 2025
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote... Unknown Unreviewed
CVE-2025-13097 was published Nov 14, 2025
Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a... Unknown Unreviewed
CVE-2024-7017 was published Nov 14, 2025
The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Stored Cross-Site Scripting... High Unreviewed
CVE-2025-12904 was published Nov 14, 2025
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998... Unknown Unreviewed
CVE-2025-13102 was published Nov 14, 2025
Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60... Unknown Unreviewed
CVE-2024-7021 was published Nov 14, 2025
Inappropriate implementation in Fullscreen in Google Chrome prior to 128.0.6613.84 allowed a... Unknown Unreviewed
CVE-2024-13178 was published Nov 14, 2025
Out of bounds read in V8 in Google Chrome prior to 133.0.6943.141 allowed a remote attacker to... Unknown Unreviewed
CVE-2025-9479 was published Nov 14, 2025
Inappropriate implementation in Dawn in Google Chrome on Mac prior to 130.0.6723.92 allowed a... Unknown Unreviewed
CVE-2024-11920 was published Nov 14, 2025
Use after free in Internals in Google Chrome on iOS prior to 127.0.6533.88 allowed a remote... Unknown Unreviewed
CVE-2024-9126 was published Nov 14, 2025
Inappropriate implementation in Lens in Google Chrome on iOS prior to 136.0.7103.59 allowed a... Unknown Unreviewed
CVE-2024-13983 was published Nov 14, 2025
Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a... Unknown Unreviewed
CVE-2025-13107 was published Nov 14, 2025
Inappropriate implementation in Intents in Google Chrome on Android prior to 129.0.6668.58... Unknown Unreviewed
CVE-2024-11919 was published Nov 14, 2025
Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on... Moderate Unreviewed
CVE-2025-10259 was published Nov 6, 2025
operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd Moderate
CVE-2025-7195 was published for github.com/operator-framework/operator-sdk (Go) Aug 7, 2025
Keycloak vulnerable to session takeovers due to reuse of session identifiers Moderate
CVE-2025-12390 was published for org.keycloak:keycloak-services (Maven) Oct 28, 2025
levpachmanov
Credited to levpachmanov
A vulnerability has been found in Radarr 5.28.0.10274. The affected element is an unknown... High Unreviewed
CVE-2025-13130 was published Nov 14, 2025
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow... Critical Unreviewed
CVE-2025-36251 was published Nov 14, 2025
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments... Critical Unreviewed
CVE-2025-36096 was published Nov 14, 2025
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service ... Critical Unreviewed
CVE-2025-36250 was published Nov 14, 2025
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause... High Unreviewed
CVE-2025-47913 was published Nov 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database