Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

301,786 advisories

Loading
Vercel’s AI SDK's filetype whitelists can be bypassed when uploading files Low
CVE-2025-48985 was published for ai (npm) Nov 7, 2025
Nuxt DevTools vulnerable to cross-site scripting (XSS) Moderate
CVE-2025-52662 was published for @nuxt/devtools (npm) Nov 7, 2025
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed
CVE-2025-62630 was published Nov 7, 2025
Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger... Moderate Unreviewed
CVE-2025-64302 was published Nov 7, 2025
A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that... Moderate Unreviewed
CVE-2025-12789 was published Nov 7, 2025
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed
CVE-2025-58423 was published Nov 7, 2025
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed
CVE-2025-59171 was published Nov 7, 2025
Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to... High Unreviewed
CVE-2025-11460 was published Nov 7, 2025
Use after free in Safe Browsing in Google Chrome prior to 141.0.7390.107 allowed a remote... High Unreviewed
CVE-2025-11756 was published Nov 7, 2025
Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote... High Unreviewed
CVE-2025-12036 was published Nov 7, 2025
Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to... High Unreviewed
CVE-2025-11458 was published Nov 7, 2025
The Ubia camera ecosystem fails to adequately secure API credentials, potentially enabling an... High Unreviewed
CVE-2025-12636 was published Nov 7, 2025
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54... High Unreviewed
CVE-2025-11209 was published Nov 7, 2025
Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to... High Unreviewed
CVE-2025-11211 was published Nov 7, 2025
Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote... Moderate Unreviewed
CVE-2025-11208 was published Nov 7, 2025
Side-channel information leakage in Tab in Google Chrome prior to 141.0.7390.54 allowed a remote... Moderate Unreviewed
CVE-2025-11210 was published Nov 7, 2025
Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed... Moderate Unreviewed
CVE-2025-11212 was published Nov 7, 2025
Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to... Moderate Unreviewed
CVE-2025-11215 was published Nov 7, 2025
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54... Moderate Unreviewed
CVE-2025-11213 was published Nov 7, 2025
Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a... Moderate Unreviewed
CVE-2025-11216 was published Nov 7, 2025
Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to... Low Unreviewed
CVE-2025-11219 was published Nov 7, 2025
Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a... Moderate Unreviewed
CVE-2025-11207 was published Nov 7, 2025
Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker... High Unreviewed
CVE-2025-11205 was published Nov 7, 2025
Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker... High Unreviewed
CVE-2025-11206 was published Nov 7, 2025
A flaw was found in the 3scale developer portal. This issue can allow account creation or updates... Moderate Unreviewed
CVE-2024-12125 was published Nov 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database