GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
31 advisories
The WordPress plugin Advanced Custom Fields (ACF) version 3.5.1 and below contains a remote file...
Critical | Unreviewed | CVE-2012-10025 was published Aug 5, 2025

File contents could be read from the local file system by an attacker. Additionally, malicious...
Critical | Unreviewed | CVE-2025-24937 was published Jul 21, 2025

The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is...
Critical | Unreviewed | CVE-2025-4689 was published Jul 2, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical | Unreviewed | CVE-2025-47586 was published Jun 6, 2025

A remote file inclusion (RFI) vulnerability in Simple College Website v1.0 allows attackers to...
Critical | Unreviewed | CVE-2022-40089 was published Sep 23, 2022

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical | Unreviewed | CVE-2025-46468 was published May 23, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical | Unreviewed | CVE-2025-39406 was published May 19, 2025

An improper control of filename for include/require statement in PHP program vulnerability in the...
Critical | Unreviewed | CVE-2025-31340 was published Apr 17, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical | Unreviewed | CVE-2025-32577 was published Apr 11, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical | Unreviewed | CVE-2025-26909 was published Mar 27, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical | Unreviewed | CVE-2025-28916 was published Mar 26, 2025

The MinimogWP – The High Converting eCommerce WordPress Theme theme for WordPress is vulnerable...
Critical | Unreviewed | CVE-2024-13790 was published Mar 19, 2025

The Traveler theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and...
Critical | Unreviewed | CVE-2025-1771 was published Mar 15, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical | Unreviewed | CVE-2025-26916 was published Mar 10, 2025

The WHMpress - WHMCS WordPress Integration Plugin plugin for WordPress is vulnerable to Local...
Critical | Unreviewed | CVE-2024-9193 was published Feb 28, 2025

Network access can be used to execute arbitrary code with elevated privileges. This issue...
Critical | Unreviewed | CVE-2024-48841 was published Jan 27, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical | Unreviewed | CVE-2024-49649 was published Jan 7, 2025

The Store Locator for WordPress with Google Maps – LotsOfLocales plugin for WordPress is...
Critical | Unreviewed | CVE-2024-12571 was published Dec 20, 2024

The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local...
Critical | Unreviewed | CVE-2024-12209 was published Dec 8, 2024

The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion...
Critical | Unreviewed | CVE-2024-10571 was published Nov 14, 2024

The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all...
Critical | Unreviewed | CVE-2024-10871 was published Nov 9, 2024

The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly...
Critical | Unreviewed | CVE-2024-41925 was published Oct 4, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical | Unreviewed | CVE-2024-43261 was published Aug 19, 2024

Arbitrary file upload vulnerability in Sourcecodester Complete E-Commerce Site v1.0, allows...
Critical | Unreviewed | CVE-2024-30849 was published Apr 5, 2024

An issue was discovered in linqi before 1.4.0.1 on Windows. There is /api/Cdn/GetFile local file...
Critical | Unreviewed | CVE-2024-33863 was published May 14, 2024

ProTip! Advisories are also available from the GraphQL API.