Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,417
Maven
5,000+
npm
4,054
NuGet
723
pip
3,845
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,127 advisories

Loading
An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can... Critical Unreviewed
CVE-2025-30131 was published Jun 26, 2025
An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action... Critical Unreviewed
CVE-2023-51925 was published Jan 20, 2024
An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2025-46157 was published Jun 18, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor... Critical Unreviewed
CVE-2025-49444 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NasaTheme Flozen allows Upload a... Critical Unreviewed
CVE-2025-49071 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a... Critical Unreviewed
CVE-2025-47559 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Food Menu allows... Critical Unreviewed
CVE-2025-49447 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in ovatheme Ovatheme Events Manager... Critical Unreviewed
CVE-2025-32510 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in RexTheme WP VR allows Upload a... Critical Unreviewed
CVE-2025-47452 was published Jun 17, 2025
An arbitrary file upload vulnerability in the uap.framework.rc.itf.IResourceManager interface of... Critical Unreviewed
CVE-2023-51924 was published Jan 20, 2024
An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action... Critical Unreviewed
CVE-2023-51928 was published Jan 20, 2024
Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in... Critical Unreviewed
CVE-2024-44849 was published Sep 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in FantasticPlugins SUMO Affiliates... Critical Unreviewed
CVE-2025-32291 was published Jun 9, 2025
Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote... Critical Unreviewed
CVE-2025-3835 was published Jun 9, 2025
An unrestricted upload of file with dangerous type vulnerability in the upload file function of... Critical Unreviewed
CVE-2025-48782 was published Jun 6, 2025
An arbitrary file upload vulnerability in the component /server/executeExec of JEHC-BPM v2.0.1... Critical Unreviewed
CVE-2025-45854 was published Jun 3, 2025
Stud.IP 5.x through 5.3.3 allows XSS with resultant upload of executable files, because... Critical Unreviewed
CVE-2023-50982 was published Jan 8, 2024
An arbitrary file upload vulnerability in Xpand IT Write-back Manager v2.3.1 allows attackers to... Critical Unreviewed
CVE-2023-27168 was published Jan 19, 2024
The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation,... Critical Unreviewed
CVE-2024-6366 was published Jul 29, 2024
An arbitrary file upload vulnerability in the Add Student's Profile Picture function of Student... Critical Unreviewed
CVE-2023-41505 was published Mar 13, 2024
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2025-5058 was published May 24, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in printcart Printcart Web to Print... Critical Unreviewed
CVE-2025-47641 was published May 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in STAGGS STAGGS allows Upload a... Critical Unreviewed
CVE-2025-47637 was published May 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed... Critical Unreviewed
CVE-2025-47642 was published May 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress... Critical Unreviewed
CVE-2025-47658 was published May 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database