GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,381
Composer 4,822
Erlang 36
GitHub Actions 32
Go 2,413
Maven 5,809
npm 4,052
NuGet 723
pip 3,844
Pub 12
RubyGems 933
Rust 1,005
Swift 38

Unreviewed advisories

All unreviewed 264,828

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,126 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Work The Flow File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2015-10138 was published Jul 19, 2025

The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2012-10019 was published Jul 19, 2025

simogeo/filemanager arbitrary file upload vulnerability Critical

CVE-2025-46001 was published for simogeo/filemanager (Composer) Jul 18, 2025

The WooCommerce Refund And Exchange with RMA - Warranty Management, Refund Policy, Manage User... Critical Unreviewed

CVE-2025-6222 was published Jul 18, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Adrian Tobey Groundhogg allows... Critical Unreviewed

CVE-2025-48300 was published Jul 16, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription... Critical Unreviewed

CVE-2025-29009 was published Jul 16, 2025

The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin... Critical Unreviewed

CVE-2025-7340 was published Jul 15, 2025

The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up... Critical Unreviewed

CVE-2020-36847 was published Jul 12, 2025

The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2020-36849 was published Jul 12, 2025

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... Critical Unreviewed

CVE-2025-6058 was published Jul 12, 2025

Marvell QConvergeConsole getFileFromURL Unrestricted File Upload Remote Code Execution... Critical Unreviewed

CVE-2025-6802 was published Jul 7, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Gallery allows... Critical Unreviewed

CVE-2025-49414 was published Jul 4, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes LogisticsHub allows... Critical Unreviewed

CVE-2025-30933 was published Jul 4, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image... Critical Unreviewed

CVE-2025-28951 was published Jul 4, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in WPCenter AiBud WP allows Upload... Critical Unreviewed

CVE-2025-23968 was published Jul 3, 2025

The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2025-5746 was published Jul 2, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in getredhawkstudio File Manager... Critical Unreviewed

CVE-2025-53260 was published Jun 27, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme Drag and Drop Multiple... Critical Unreviewed

CVE-2025-49885 was published Jun 27, 2025

Vulnerability in fusionforge in the shipped Apache configuration, where the web server may... Critical Unreviewed

CVE-2014-0468 was published Jun 26, 2025

The ZoomSounds plugin before 6.05 contains a PHP file allowing unauthenticated users to upload an... Critical Unreviewed

CVE-2021-4457 was published Jun 26, 2025

An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can... Critical Unreviewed

CVE-2025-30131 was published Jun 26, 2025

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed

CVE-2025-46157 was published Jun 18, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Food Menu allows... Critical Unreviewed

CVE-2025-49447 was published Jun 17, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor... Critical Unreviewed

CVE-2025-49444 was published Jun 17, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in NasaTheme Flozen allows Upload a... Critical Unreviewed

CVE-2025-49071 was published Jun 17, 2025

Previous 1 2 3 4 5 … 45 46 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,126 advisories