GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,393
Composer 4,825
Erlang 36
GitHub Actions 32
Go 2,417
Maven 5,811
npm 4,054
NuGet 723
pip 3,845
Pub 12
RubyGems 933
Rust 1,005
Swift 38

Unreviewed advisories

All unreviewed 264,913

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,054 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows... Critical Unreviewed

CVE-2025-31002 was published Apr 9, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP – Coming Soon &... Critical Unreviewed

CVE-2025-32118 was published Apr 4, 2025

The Woffice Core plugin for WordPress, used by the Woffice Theme, is vulnerable to arbitrary file... Critical Unreviewed

CVE-2025-2780 was published Apr 4, 2025

The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2025-2005 was published Apr 2, 2025

InvoicePlane (all versions tested as of December 2024) v.1.6.11 and before contains a remote code... Critical Unreviewed

CVE-2024-56975 was published Mar 28, 2025

An arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers... Critical Unreviewed

CVE-2025-29411 was published Mar 20, 2025

The File Away plugin for WordPress is vulnerable to arbitrary file uploads due to a missing... Critical Unreviewed

CVE-2025-2512 was published Mar 19, 2025

A file upload bypass vulnerability exists in SOPlanning 1.53.00, specifically in /process/upload... Critical Unreviewed

CVE-2024-57169 was published Mar 18, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit... Critical Unreviewed

CVE-2025-28915 was published Mar 11, 2025

An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of... Critical Unreviewed

CVE-2025-25361 was published Mar 6, 2025

An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2... Critical Unreviewed

CVE-2025-25784 was published Mar 5, 2025

An arbitrary file upload vulnerability in the component \controller\LocalTemplate.php of FoxCMS... Critical Unreviewed

CVE-2025-25790 was published Mar 5, 2025

An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3... Critical Unreviewed

CVE-2025-25783 was published Mar 5, 2025

The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads... Critical Unreviewed

CVE-2024-8425 was published Feb 28, 2025

ShopXO 6.4.0 is vulnerable to File Upload in ThemeDataService.php. Critical Unreviewed

CVE-2025-26325 was published Feb 28, 2025

An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior... Critical Unreviewed

CVE-2024-41339 was published Feb 27, 2025

The Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress... Critical Unreviewed

CVE-2025-1128 was published Feb 25, 2025

Improper access control in the HTTP server in YI Car Dashcam v3.88 allows unrestricted file... Critical Unreviewed

CVE-2024-56897 was published Feb 24, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload... Critical Unreviewed

CVE-2025-26776 was published Feb 22, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in kodeshpa Simplified allows Using... Critical Unreviewed

CVE-2025-22654 was published Feb 18, 2025

The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2024-10960 was published Feb 12, 2025

The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2024-13365 was published Feb 12, 2025

The WP Foodbakery plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2024-13011 was published Feb 10, 2025

In Code-projects Shopping Portal v1.0, the insert-product.php page has an arbitrary file upload... Critical Unreviewed

CVE-2024-57668 was published Feb 6, 2025

OpenPLC_V3 contains an arbitrary file upload vulnerability, which could be leveraged for... Critical Unreviewed

CVE-2025-1066 was published Feb 6, 2025

Previous 1 2 3 4 5 6 7 … 42 43 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,054 advisories