Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

129,450 advisories

Loading
A vulnerability has been found in 201206030 novel-cloud 1.4.0 and classified as critical. This... Moderate Unreviewed
CVE-2025-3956 was published Apr 27, 2025
A vulnerability was found in opplus springboot-admin 1.0 and classified as critical. This issue... Moderate Unreviewed
CVE-2025-3957 was published Apr 27, 2025
There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject... Moderate Unreviewed
CVE-2025-46577 was published Apr 27, 2025
There is a Permission Management and Access Control vulnerability in the GoldenDB database... Moderate Unreviewed
CVE-2025-46576 was published Apr 27, 2025
There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product.... Moderate Unreviewed
CVE-2025-46578 was published Apr 27, 2025
There is an information disclosure vulnerability in the GoldenDB database product. Attackers can... Moderate Unreviewed
CVE-2025-46575 was published Apr 27, 2025
A vulnerability, which was classified as critical, was found in codeprojects Patient Record... Moderate Unreviewed
CVE-2025-3955 was published Apr 27, 2025
There is an information disclosure vulnerability in the GoldenDB database product. Attackers can... Moderate Unreviewed
CVE-2025-46574 was published Apr 27, 2025
NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use,... Moderate Unreviewed
CVE-2025-46673 was published Apr 27, 2025
A vulnerability, which was classified as problematic, has been found in ChurchCRM 5.16.0.... Moderate Unreviewed
CVE-2025-3954 was published Apr 27, 2025
CodiMD through 2.5.4 has a CSP-based protection mechanism against XSS through uploaded SVG... Moderate Unreviewed
CVE-2025-46655 was published Apr 26, 2025
CodiMD through 2.2.0 has a CSP-based protection mechanism against XSS through uploaded JavaScript... Moderate Unreviewed
CVE-2025-46654 was published Apr 26, 2025
In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. When a user performs an... Moderate Unreviewed
CVE-2025-46652 was published Apr 26, 2025
In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8... Moderate Unreviewed
CVE-2025-46646 was published Apr 26, 2025
An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information... Moderate Unreviewed
CVE-2024-53636 was published Apr 26, 2025
The The Anps Theme plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed
CVE-2024-13812 was published Apr 26, 2025
A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow,... Moderate Unreviewed
CVE-2025-2850 was published Apr 26, 2025
A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow,... Moderate Unreviewed
CVE-2025-2811 was published Apr 26, 2025
The Aeropage Sync for Airtable plugin for WordPress is vulnerable to unauthorized loss of data... Moderate Unreviewed
CVE-2025-3915 was published Apr 26, 2025
The Element Pack Addons for Elementor – Free Templates and Widgets for Your WordPress Websites... Moderate Unreviewed
CVE-2025-1458 was published Apr 26, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users. Moderate Unreviewed
CVE-2025-32979 was published Apr 25, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain... Moderate Unreviewed
CVE-2025-32984 was published Apr 25, 2025
HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit... Moderate Unreviewed
CVE-2024-30152 was published Apr 25, 2025
An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary... Moderate Unreviewed
CVE-2025-2070 was published Apr 25, 2025
An open redirect vulnerability was reported in the FileZ client that could allow information... Moderate Unreviewed
CVE-2025-2068 was published Apr 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database