Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

591 advisories

Loading
Gradio Allows Unauthorized File Copy via Path Manipulation Moderate
CVE-2025-48889 was published for gradio (pip) May 29, 2025
jjjutla nkoorty
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of... Moderate Unreviewed
CVE-2025-46078 was published May 29, 2025
HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass... Moderate Unreviewed
CVE-2025-46080 was published May 29, 2025
A vulnerability classified as critical has been found in Realce Tecnologia Queue Ticket Kiosk up... Moderate Unreviewed
CVE-2025-5178 was published May 26, 2025
A vulnerability, which was classified as critical, has been found in llisoft MTA Maita Training... Moderate Unreviewed
CVE-2025-5171 was published May 26, 2025
A vulnerability, which was classified as critical, has been found in H3C SecCenter SMP-E1114P02... Moderate Unreviewed
CVE-2025-5162 was published May 26, 2025
A vulnerability was found in Tmall Demo up to 20250505. It has been classified as critical. This... Moderate Unreviewed
CVE-2025-5130 was published May 24, 2025
A vulnerability was found in Tmall Demo up to 20250505. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-5131 was published May 24, 2025
A vulnerability was found in zongzhige ShopXO 6.5.0. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2025-5108 was published May 23, 2025
File upload vulnerabilities are present in ASPECT if session administrator credentials become... Moderate Unreviewed
CVE-2025-30173 was published May 22, 2025
File upload and execute vulnerabilities in ASPECT allow PHP script injection if session... Moderate Unreviewed
CVE-2025-30169 was published May 22, 2025
Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus versions below 14920 are... Moderate Unreviewed
CVE-2025-3444 was published May 22, 2025
The MapSVG plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads... Moderate Unreviewed
CVE-2024-9544 was published May 22, 2025
A vulnerability classified as critical has been found in Campcodes Online Shopping Portal 1.0.... Moderate Unreviewed
CVE-2025-5059 was published May 22, 2025
TYPO3 Allows Unrestricted File Upload in File Abstraction Layer Moderate
CVE-2025-47939 was published for typo3/cms-core (Composer) May 20, 2025
0xHamy ohader
A vulnerability was found in PHPGurukul Car Rental Project 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-4926 was published May 19, 2025
A vulnerability, which was classified as critical, has been found in SourceCodester Client... Moderate Unreviewed
CVE-2025-4923 was published May 19, 2025
A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as... Moderate Unreviewed
CVE-2025-4735 was published May 16, 2025
A vulnerability was found in kkFileView 4.4.0. It has been classified as critical. This affects... Moderate Unreviewed
CVE-2025-4538 was published May 11, 2025
A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been... Moderate Unreviewed
CVE-2025-4468 was published May 9, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio allows Upload... Moderate Unreviewed
CVE-2025-47550 was published May 7, 2025
A vulnerability classified as critical has been found in itsourcecode Content Management System 1... Moderate Unreviewed
CVE-2025-4310 was published May 6, 2025
Outsystems Multiple File Upload < 3.1.0 is vulnerable to Unrestricted File Upload. The... Moderate Unreviewed
CVE-2025-28168 was published May 5, 2025
Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript... Moderate Unreviewed
CVE-2024-11390 was published May 1, 2025
Unrestricted file upload in Kibana allows an authenticated attacker to compromise software... Moderate Unreviewed
CVE-2025-25016 was published May 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database