GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,372
Composer 4,669
Erlang 34
GitHub Actions 26
Go 2,261
Maven 5,512
npm 3,910
NuGet 704
pip 3,680
Pub 12
RubyGems 915
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,338

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

253,338 advisories

Filter by severity

Sort by

Least recently updated

There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject... Moderate Unreviewed

CVE-2025-46577 was published Apr 27, 2025

There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product.... Moderate Unreviewed

CVE-2025-46578 was published Apr 27, 2025

There is a Permission Management and Access Control vulnerability in the GoldenDB database... Moderate Unreviewed

CVE-2025-46576 was published Apr 27, 2025

NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use,... Moderate Unreviewed

CVE-2025-46673 was published Apr 27, 2025

There is an information disclosure vulnerability in the GoldenDB database product. Attackers can... Moderate Unreviewed

CVE-2025-46574 was published Apr 27, 2025

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to... Low Unreviewed

CVE-2025-46675 was published Apr 27, 2025

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially... Low Unreviewed

CVE-2025-46672 was published Apr 27, 2025

NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended... Low Unreviewed

CVE-2025-46674 was published Apr 27, 2025

A vulnerability, which was classified as critical, was found in codeprojects Patient Record... Moderate Unreviewed

CVE-2025-3955 was published Apr 27, 2025

A vulnerability, which was classified as problematic, has been found in ChurchCRM 5.16.0.... Moderate Unreviewed

CVE-2025-3954 was published Apr 27, 2025

python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as ... Low Unreviewed

CVE-2025-46656 was published Apr 27, 2025

CodiMD through 2.5.4 has a CSP-based protection mechanism against XSS through uploaded SVG... Moderate Unreviewed

CVE-2025-46655 was published Apr 26, 2025

Formidable (aka node-formidable) 2.1.0 through 3.x before 3.5.3 relies on hexoid to prevent... Low Unreviewed

CVE-2025-46653 was published Apr 26, 2025

CodiMD through 2.2.0 has a CSP-based protection mechanism against XSS through uploaded JavaScript... Moderate Unreviewed

CVE-2025-46654 was published Apr 26, 2025

In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. When a user performs an... Moderate Unreviewed

CVE-2025-46652 was published Apr 26, 2025

In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8... Moderate Unreviewed

CVE-2025-46646 was published Apr 26, 2025

An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information... Moderate Unreviewed

CVE-2024-53636 was published Apr 26, 2025

The The Anps Theme plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed

CVE-2024-13812 was published Apr 26, 2025

The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and... High Unreviewed

CVE-2025-2101 was published Apr 26, 2025

A vulnerability classified as critical has been found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16... High Unreviewed

CVE-2025-2851 was published Apr 26, 2025

A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow,... Moderate Unreviewed

CVE-2025-2811 was published Apr 26, 2025

A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow,... Moderate Unreviewed

CVE-2025-2850 was published Apr 26, 2025

The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to... High Unreviewed

CVE-2025-3491 was published Apr 26, 2025

The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up... High Unreviewed

CVE-2025-2105 was published Apr 26, 2025

The Order Delivery Date WordPress plugin before 12.3.1 does not have authorization and CSRF... Unknown Unreviewed

CVE-2025-2907 was published Apr 26, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

253,338 advisories