Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

103,831 advisories

Loading
Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled... High Unreviewed
CVE-2022-28339 was published Feb 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in a1post A1POST.BG Shipping for Woo allows... High Unreviewed
CVE-2025-27012 was published Feb 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26756 was published Feb 22, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-26760 was published Feb 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26774 was published Feb 22, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-26757 was published Feb 22, 2025
The SMTP for Sendinblue – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-0953 was published Feb 22, 2025
The SMTP for Amazon SES – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-0957 was published Feb 22, 2025
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-13869 was published Feb 22, 2025
The SMTP for SendGrid – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting... High Unreviewed
CVE-2025-0918 was published Feb 22, 2025
The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information... High Unreviewed
CVE-2025-1361 was published Feb 22, 2025
The The Show Me The Cookies plugin for WordPress is vulnerable to arbitrary shortcode execution... High Unreviewed
CVE-2025-1509 was published Feb 22, 2025
The The Custom Post Type Date Archives plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2025-1510 was published Feb 22, 2025
The LTL Freight Quotes – Purolator Edition plugin for WordPress is vulnerable to SQL Injection... High Unreviewed
CVE-2024-13474 was published Feb 22, 2025
The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up... High Unreviewed
CVE-2024-13899 was published Feb 22, 2025
Leantime allows Stored Cross-Site Scripting (XSS) High
GHSA-c39w-3pjx-qc7m was published for leantime/leantime (Composer) Feb 21, 2025
mnqazi
Leantime allows Cross Site Scripting (XSS) and SQL Injection (SQLi) High
GHSA-v4q9-437p-mhpg was published for leantime/leantime (Composer) Feb 21, 2025
0xROI
Malciously crafted QPY files can allows Remote Attackers to Cause Denial of Service in Qiskit High
CVE-2025-1403 was published for qiskit (pip) Feb 21, 2025
An issue in Loggrove v.1.0 allows a remote attacker to obtain sensitive information via the read... High Unreviewed
CVE-2025-26013 was published Feb 21, 2025
A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00.... High Unreviewed
CVE-2025-1539 was published Feb 21, 2025
A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this... High Unreviewed
CVE-2025-1538 was published Feb 21, 2025
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL... High Unreviewed
CVE-2025-26794 was published Feb 21, 2025
Report generation functionality in Wyn Enterprise allows for code inclusion, but not sufficiently... High Unreviewed
CVE-2024-9150 was published Feb 21, 2025
In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant... High Unreviewed
CVE-2025-1471 was published Feb 21, 2025
The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin... High Unreviewed
CVE-2024-13353 was published Feb 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database