GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,374

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

96,212 advisories

Filter by severity

Sort by

Least recently updated

Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled... High Unreviewed

CVE-2022-28339 was published Feb 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in a1post A1POST.BG Shipping for Woo allows... High Unreviewed

CVE-2025-27012 was published Feb 22, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-26756 was published Feb 22, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-26760 was published Feb 22, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-26774 was published Feb 22, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-26757 was published Feb 22, 2025

The SMTP for Sendinblue – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed

CVE-2025-0953 was published Feb 22, 2025

The SMTP for Amazon SES – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed

CVE-2025-0957 was published Feb 22, 2025

The SMTP for SendGrid – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting... High Unreviewed

CVE-2025-0918 was published Feb 22, 2025

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-13869 was published Feb 22, 2025

The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information... High Unreviewed

CVE-2025-1361 was published Feb 22, 2025

The LTL Freight Quotes – Purolator Edition plugin for WordPress is vulnerable to SQL Injection... High Unreviewed

CVE-2024-13474 was published Feb 22, 2025

The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up... High Unreviewed

CVE-2024-13899 was published Feb 22, 2025

The The Show Me The Cookies plugin for WordPress is vulnerable to arbitrary shortcode execution... High Unreviewed

CVE-2025-1509 was published Feb 22, 2025

The The Custom Post Type Date Archives plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed

CVE-2025-1510 was published Feb 22, 2025

An issue in Loggrove v.1.0 allows a remote attacker to obtain sensitive information via the read... High Unreviewed

CVE-2025-26013 was published Feb 21, 2025

A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00.... High Unreviewed

CVE-2025-1539 was published Feb 21, 2025

A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this... High Unreviewed

CVE-2025-1538 was published Feb 21, 2025

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL... High Unreviewed

CVE-2025-26794 was published Feb 21, 2025

Report generation functionality in Wyn Enterprise allows for code inclusion, but not sufficiently... High Unreviewed

CVE-2024-9150 was published Feb 21, 2025

The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin... High Unreviewed

CVE-2024-13353 was published Feb 21, 2025

In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant... High Unreviewed

CVE-2025-1471 was published Feb 21, 2025

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-11260 was published Feb 21, 2025

An issue in QiboSoft QiboCMS X1.0 allows a remote attacker to obtain sensitive information via... High Unreviewed

CVE-2025-22973 was published Feb 21, 2025

Rapid Response Monitoring My Security Account App utilizes an API that could be exploited by an... High Unreviewed

CVE-2025-0352 was published Feb 20, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

96,212 advisories