GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,454

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

301,054 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed

CVE-2025-58423 was published Nov 7, 2025

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed

CVE-2025-59171 was published Nov 7, 2025

Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to... High Unreviewed

CVE-2025-11458 was published Nov 7, 2025

Use after free in Safe Browsing in Google Chrome prior to 141.0.7390.107 allowed a remote... High Unreviewed

CVE-2025-11756 was published Nov 7, 2025

Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote... High Unreviewed

CVE-2025-12036 was published Nov 7, 2025

Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to... Unknown Unreviewed

CVE-2025-11211 was published Nov 7, 2025

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54... Unknown Unreviewed

CVE-2025-11209 was published Nov 7, 2025

Side-channel information leakage in Tab in Google Chrome prior to 141.0.7390.54 allowed a remote... Moderate Unreviewed

CVE-2025-11210 was published Nov 7, 2025

Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed... Moderate Unreviewed

CVE-2025-11212 was published Nov 7, 2025

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54... Moderate Unreviewed

CVE-2025-11213 was published Nov 7, 2025

Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to... Low Unreviewed

CVE-2025-11219 was published Nov 7, 2025

Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to... Moderate Unreviewed

CVE-2025-11215 was published Nov 7, 2025

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a... Moderate Unreviewed

CVE-2025-11216 was published Nov 7, 2025

Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote... Moderate Unreviewed

CVE-2025-11208 was published Nov 7, 2025

A flaw was found in the 3scale developer portal. This issue can allow account creation or updates... Moderate Unreviewed

CVE-2024-12125 was published Nov 7, 2025

Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a... Unknown Unreviewed

CVE-2025-11207 was published Nov 7, 2025

Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker... High Unreviewed

CVE-2025-11206 was published Nov 7, 2025

Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker... High Unreviewed

CVE-2025-11205 was published Nov 7, 2025

Soft Serve does not sanitize ANSI escape sequences in user input Moderate

CVE-2025-64494 was published for github.com/charmbracelet/soft-serve (Go) Nov 6, 2025

Credited to Tomer-PL and caarlos0

KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes Moderate

CVE-2025-64437 was published for github.com/kubevirt/kubevirt (Go) Nov 6, 2025