GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,690
Maven: 5,000+
npm: 4,320
NuGet: 760
pip: 4,096
Pub: 12
RubyGems: 958
Rust: 1,063
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
144,217 advisories
Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a...
Moderate | Unreviewed | CVE-2025-13637 was published Dec 2, 2025

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a...
Moderate | Unreviewed | CVE-2025-13636 was published Dec 2, 2025

Inappropriate implementation in DevTools in Google Chrome prior to 143.0.7499.41 allowed an...
Moderate | Unreviewed | CVE-2025-13632 was published Dec 2, 2025

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41...
Moderate | Unreviewed | CVE-2025-13634 was published Dec 2, 2025

PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the /admin/password-recovery.php...
Moderate | Unreviewed | CVE-2025-65379 was published Dec 2, 2025

Lvzhou CMS before commit c4ea0eb9cab5f6739b2c87e77d9ef304017ed615 (2025-09-22) is vulnerable to...
Moderate | Unreviewed | CVE-2025-65877 was published Dec 2, 2025

PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the admin/index.php endpoint....
Moderate | Unreviewed | CVE-2025-65380 was published Dec 2, 2025

Sending an HTTP request/response body with greater than 2^31 bytes triggers an infinite loop in...
Moderate | Unreviewed | CVE-2025-55181 was published Dec 3, 2025

Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a local...
Moderate | Unreviewed | CVE-2025-13635 was published Dec 2, 2025

In the Linux kernel, the following vulnerability has been resolved: misc: vmw_balloon: fix...
Moderate | Unreviewed | CVE-2023-53279 was published Sep 16, 2025

arcade-mcp-server Has Default Hardcoded Worker Secret That Allows Full Unauthorized Access to All HTTP MCP Worker Endpoints
Moderate | CVE-2025-66454 was published for arcade-mcp-server (pip) Dec 2, 2025

A Stored Cross Site Scripting vulnerability exists in CiviCRM before v6.7 in the Accounting...
Moderate | Unreviewed | CVE-2025-65187 was published Dec 2, 2025

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site...
Moderate | Unreviewed | CVE-2025-65215 was published Dec 2, 2025

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the...
Moderate | Unreviewed | CVE-2025-39811 was published Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: fix stack...
Moderate | Unreviewed | CVE-2025-39815 was published Sep 16, 2025

DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability, which allows JavaScript execution...
Moderate | Unreviewed | CVE-2025-63872 was published Dec 2, 2025

In the Linux kernel, the following vulnerability has been resolved: fbnic: Move phylink resume...
Moderate | Unreviewed | CVE-2025-39831 was published Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: always use...
Moderate | Unreviewed | CVE-2025-39816 was published Sep 16, 2025

Sourcecodester Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /classes...
Moderate | Unreviewed | CVE-2025-65881 was published Dec 2, 2025

In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the...
Moderate | Unreviewed | CVE-2025-39829 was published Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer...
Moderate | Unreviewed | CVE-2025-39814 was published Sep 16, 2025

Grav CMS 1.7.49 is vulnerable to Cross Site Scripting (XSS). The page editor allows authenticated...
Moderate | Unreviewed | CVE-2025-65186 was published Dec 2, 2025

When reading an HTTP response from a server, if no read amount is specified, the default behavior...
Moderate | Unreviewed | CVE-2025-13836 was published Dec 1, 2025

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer...
Moderate | Unreviewed | CVE-2023-53260 was published Sep 15, 2025

In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of...
Moderate | Unreviewed | CVE-2023-53298 was published Sep 16, 2025
ProTip! Advisories are also available from the GraphQL API