Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,690
Maven
5,000+
npm
4,320
NuGet
760
pip
4,096
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

531 advisories

Loading
Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to... High Unreviewed
CVE-2025-13630 was published Dec 2, 2025
An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control... High Unreviewed
CVE-2025-41738 was published Dec 1, 2025
Permission control vulnerability in the distributed component. Impact: Successful exploitation of... High Unreviewed
CVE-2025-58310 was published Nov 28, 2025
Permission control vulnerability in the memory management module. Impact: Successful exploitation... Critical Unreviewed
CVE-2025-64314 was published Nov 28, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13226 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13229 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13227 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13228 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13230 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to... High Unreviewed
CVE-2025-13224 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to... High Unreviewed
CVE-2025-13223 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform... High Unreviewed
CVE-2025-12428 was published Nov 10, 2025
SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of... High Unreviewed
CVE-2022-50590 was published Nov 6, 2025
A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr&... Critical Unreviewed
CVE-2025-47151 was published Nov 5, 2025
uv has differential in tar extraction with PAX headers Low
GHSA-w476-p2h3-79g9 was published for uv (pip) Oct 21, 2025
woodruffw zanieb
Credited to woodruffw and zanieb
astral-tokio-tar Vulnerable to PAX Header Desynchronization High
CVE-2025-62518 was published for astral-tokio-tar (Rust) Oct 21, 2025
woodruffw tycho
azenla anners mnm678 zanieb
Credited to woodruffw, tycho, azenla, anners, mnm678, and zanieb
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an... High Unreviewed
CVE-2025-59233 was published Oct 14, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an... High Unreviewed
CVE-2025-59231 was published Oct 14, 2025
A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func... Low Unreviewed
CVE-2025-11731 was published Oct 14, 2025
python-ldap has sanitization bypass in ldap.filter.escape_filter_chars Moderate
CVE-2025-61911 was published for python-ldap (pip) Oct 10, 2025
lukas-eu
Credited to lukas-eu
Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to... High Unreviewed
CVE-2025-10585 was published Sep 24, 2025
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Type Confusion... High Unreviewed
CVE-2025-8354 was published Sep 23, 2025
@digitalocean/do-markdownit has Type Confusion vulnerability Moderate
CVE-2025-59717 was published for @digitalocean/do-markdownit (npm) Sep 19, 2025
cai0duque
Credited to cai0duque
Ashlar-Vellum Cobalt LI File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-8000 was published Sep 17, 2025
Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-8002 was published Sep 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database