Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,933
Erlang
39
GitHub Actions
38
Go
2,595
Maven
5,000+
npm
4,247
NuGet
754
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+

515 advisories

Loading
uv has differential in tar extraction with PAX headers Low
GHSA-w476-p2h3-79g9 was published for uv (pip) Oct 21, 2025
woodruffw zanieb
Credited to woodruffw and zanieb
astral-tokio-tar Vulnerable to PAX Header Desynchronization High
CVE-2025-62518 was published for astral-tokio-tar (Rust) Oct 21, 2025
woodruffw tycho
azenla anners mnm678 zanieb
Credited to woodruffw, tycho, azenla, anners, mnm678, and zanieb
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an... High Unreviewed
CVE-2025-59233 was published Oct 14, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an... High Unreviewed
CVE-2025-59231 was published Oct 14, 2025
A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func... Low Unreviewed
CVE-2025-11731 was published Oct 14, 2025
python-ldap has sanitization bypass in ldap.filter.escape_filter_chars Moderate
CVE-2025-61911 was published for python-ldap (pip) Oct 10, 2025
lukas-eu
Credited to lukas-eu
Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to... High Unreviewed
CVE-2025-10585 was published Sep 24, 2025
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Type Confusion... High Unreviewed
CVE-2025-8354 was published Sep 23, 2025
@digitalocean/do-markdownit has Type Confusion vulnerability Moderate
CVE-2025-59717 was published for @digitalocean/do-markdownit (npm) Sep 19, 2025
cai0duque
Credited to cai0duque
Ashlar-Vellum Cobalt LI File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-8000 was published Sep 17, 2025
Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-8002 was published Sep 17, 2025
Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-8005 was published Sep 17, 2025
Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-7999 was published Sep 17, 2025
Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-7995 was published Sep 17, 2025
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS... Moderate Unreviewed
CVE-2025-43355 was published Sep 16, 2025
A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43297 was published Sep 16, 2025
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall... Moderate Unreviewed
CVE-2025-54915 was published Sep 9, 2025
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall... Moderate Unreviewed
CVE-2025-54109 was published Sep 9, 2025
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall... Moderate Unreviewed
CVE-2025-54094 was published Sep 9, 2025
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall... Moderate Unreviewed
CVE-2025-53810 was published Sep 9, 2025
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall... Moderate Unreviewed
CVE-2025-54104 was published Sep 9, 2025
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall... Moderate Unreviewed
CVE-2025-53808 was published Sep 9, 2025
Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability... High Unreviewed
CVE-2023-31322 was published Sep 6, 2025
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau... Critical Unreviewed
CVE-2025-26496 was published Aug 22, 2025
Access of resource using incompatible type ('type confusion') in Windows Push Notifications... High Unreviewed
CVE-2025-53724 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database