GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,373
Erlang: 33
GitHub Actions: 22
Go: 2,135
Maven: 5,000+
npm: 3,797
NuGet: 687
pip: 3,478
Pub: 12
RubyGems: 896
Rust: 897
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
103,831 advisories
The LTL Freight Quotes – SAIA Edition plugin for WordPress is vulnerable to SQL Injection via the...
High | Unreviewed | CVE-2024-13483 was published Feb 19, 2025

The LTL Freight Quotes – TForce Edition plugin for WordPress is vulnerable to SQL Injection via...
High | Unreviewed | CVE-2024-13478 was published Feb 19, 2025

The Small Package Quotes – For Customers of FedEx plugin for WordPress is vulnerable to SQL...
High | Unreviewed | CVE-2024-13491 was published Feb 19, 2025

The LTL Freight Quotes – ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection...
High | Unreviewed | CVE-2024-13485 was published Feb 19, 2025

The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to SQL Injection...
High | Unreviewed | CVE-2024-13481 was published Feb 19, 2025

The Small Package Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL...
High | Unreviewed | CVE-2024-13534 was published Feb 19, 2025

The Small Package Quotes – USPS Edition plugin for WordPress is vulnerable to SQL Injection via...
High | Unreviewed | CVE-2024-13533 was published Feb 19, 2025

The YaySMTP and Email Logs: Amazon SES, SendGrid, Outlook, Mailgun, Brevo, Google and Any SMTP...
High | Unreviewed | CVE-2025-0916 was published Feb 19, 2025

The LTL Freight Quotes – Old Dominion Edition plugin for WordPress is vulnerable to SQL Injection...
High | Unreviewed | CVE-2024-13489 was published Feb 19, 2025

A vulnerability exists in ChurchCRM 5.13.0 that allows an attacker to execute arbitrary...
High | Unreviewed | CVE-2025-1024 was published Feb 19, 2025

The Trash Duplicate and 301 Redirect plugin for WordPress is vulnerable to unauthorized loss of...
High | Unreviewed | CVE-2024-13468 was published Feb 19, 2025

The Team Builder For WPBakery Page Builder(Formerly Visual Composer) plugin for WordPress is...
High | Unreviewed | CVE-2024-13592 was published Feb 19, 2025

The Subscribe2 – Form, Email Subscribers & Newsletters plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-11582 was published Feb 19, 2025

In barebox before 2025.01.0, request2size in common/dlmalloc.c has an integer overflow, a related...
High | Unreviewed | CVE-2024-57261 was published Feb 19, 2025

In barebox before 2025.01.0, ext4fs_read_symlink has an integer overflow for zalloc (adding one...
High | Unreviewed | CVE-2024-57262 was published Feb 19, 2025

sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap...
High | Unreviewed | CVE-2024-57259 was published Feb 19, 2025

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in...
High | Unreviewed | CVE-2025-24928 was published Feb 19, 2025

An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted...
High | Unreviewed | CVE-2024-57255 was published Feb 19, 2025

Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted...
High | Unreviewed | CVE-2024-57258 was published Feb 19, 2025

An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink...
High | Unreviewed | CVE-2024-57254 was published Feb 19, 2025

An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the public_type...
High | Unreviewed | CVE-2025-25895 was published Feb 19, 2025

An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc ...
High | Unreviewed | CVE-2024-57256 was published Feb 19, 2025

An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the samba_wg...
High | Unreviewed | CVE-2025-25894 was published Feb 19, 2025

An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the inIP,...
High | Unreviewed | CVE-2025-25893 was published Feb 19, 2025

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in...
High | Unreviewed | CVE-2024-56171 was published Feb 19, 2025
ProTip! Advisories are also available from the GraphQL API.