Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
41
GitHub Actions
41
Go
3,051
Maven
5,000+
npm
4,791
NuGet
825
pip
4,389
Pub
12
RubyGems
988
Rust
1,145
Swift
50
Unreviewed advisories
All unreviewed
5,000+

1,273 advisories

Loading
The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2024-11617 was published May 9, 2025
Grocery-CMS-PHP-Restful-API v1.3 is vulnerable to File Upload via /admin/add-category.php. Critical Unreviewed
CVE-2023-31585 was published May 8, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a... Critical Unreviewed
CVE-2025-47549 was published May 7, 2025
Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated... Critical Unreviewed
CVE-2025-40625 was published May 6, 2025
ShowDoc unrestricted file upload vulnerability Critical
CVE-2025-0520 was published for showdoc/showdoc (Composer) Apr 29, 2025
Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution (RCE)... Critical Unreviewed
CVE-2025-46616 was published Apr 25, 2025
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization,... Critical Unreviewed
CVE-2025-31324 was published Apr 24, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Angelo Mandato PowerPress... Critical Unreviewed
CVE-2025-46264 was published Apr 24, 2025
TCPWave DDI 11.34P1C2 allows Remote Code Execution via Unrestricted File Upload (combined with... Critical Unreviewed
CVE-2025-43946 was published Apr 22, 2025
MCMS allows arbitrary file uploads in the ueditor component Critical
CVE-2025-29287 was published for net.mingsoft:ms-mcms (Maven) Apr 21, 2025
The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2021-4455 was published Apr 19, 2025
The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type... Critical Unreviewed
CVE-2025-1093 was published Apr 19, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in aidraw I Draw allows Using... Critical Unreviewed
CVE-2025-39436 was published Apr 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG Lite allows... Critical Unreviewed
CVE-2025-32682 was published Apr 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in JoomSky JS Job Manager allows... Critical Unreviewed
CVE-2025-32660 was published Apr 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in solacewp Solace Extra allows... Critical Unreviewed
CVE-2025-32652 was published Apr 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator... Critical Unreviewed
CVE-2025-27282 was published Apr 17, 2025
Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload... Critical Unreviewed
CVE-2024-40071 was published Apr 16, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Ben Ritner - Kadence WP Kadence... Critical Unreviewed
CVE-2025-39557 was published Apr 16, 2025
The Ready_ application's Profile section allows users to upload files of any type and extension... Critical Unreviewed
CVE-2025-1980 was published Apr 16, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in EPC AI Hub allows Upload a Web... Critical Unreviewed
CVE-2025-26927 was published Apr 16, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts... Critical Unreviewed
CVE-2025-32579 was published Apr 11, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in LABCAT Processing Projects... Critical Unreviewed
CVE-2025-32206 was published Apr 10, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Brian Batt - elearningfreak.com... Critical Unreviewed
CVE-2025-32202 was published Apr 10, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Nirmal Kumar Ram WP Remote... Critical Unreviewed
CVE-2025-32140 was published Apr 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database