Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,049
Maven
5,000+
npm
4,789
NuGet
825
pip
4,385
Pub
12
RubyGems
988
Rust
1,145
Swift
50
Unreviewed advisories
All unreviewed
5,000+

1,273 advisories

Loading
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23... Critical Unreviewed
CVE-2025-34329 was published Nov 19, 2025
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23... Critical Unreviewed
CVE-2025-34328 was published Nov 19, 2025
The WavePlayer WordPress plugin before 3.8.0 does not have authorization in an AJAX action as... Critical Unreviewed
CVE-2025-12057 was published Nov 19, 2025
The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an... Critical Unreviewed
CVE-2025-63228 was published Nov 18, 2025
An arbitrary file upload vulnerability in the /php/UploadHandler.php component of RichFilemanager... Critical Unreviewed
CVE-2025-63994 was published Nov 18, 2025
DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php... Critical Unreviewed
CVE-2025-63695 was published Nov 18, 2025
The WP移行専用プラグイン for CPI plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2025-11170 was published Nov 11, 2025
Employee Records System version 1.0 contains an unrestricted file upload vulnerability that... Critical Unreviewed
CVE-2021-4462 was published Nov 11, 2025
Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated... Critical Unreviewed
CVE-2025-34299 was published Nov 7, 2025
The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2025-12352 was published Nov 7, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Rometheme RTMKit rometheme-for... Critical Unreviewed
CVE-2025-62065 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in KingAddons.com King Addons for... Critical Unreviewed
CVE-2025-6327 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in hogash Kallyas kallyas.This... Critical Unreviewed
CVE-2025-62016 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Case-Themes Case Addons case... Critical Unreviewed
CVE-2025-62047 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Addify Custom User Registration... Critical Unreviewed
CVE-2025-60207 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Plugify Helpdesk Support Ticket... Critical Unreviewed
CVE-2025-60235 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Helmut Wandl Advanced Settings... Critical Unreviewed
CVE-2025-58996 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in borisolhor Drop Uploader for CF7... Critical Unreviewed
CVE-2025-53283 was published Nov 6, 2025
A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could... Critical Unreviewed
CVE-2025-20354 was published Nov 5, 2025
Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an... Critical Unreviewed
CVE-2025-63601 was published Nov 5, 2025
The KiotViet Sync plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2025-12674 was published Nov 5, 2025
The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript... Critical Unreviewed
CVE-2025-12682 was published Nov 4, 2025
The Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent plugin for... Critical Unreviewed
CVE-2025-11499 was published Nov 1, 2025
DNN Insufficient Access Control - Image Upload allows for Site Content Overwrite Critical
CVE-2025-64095 was published for DNN.PLATFORM (NuGet) Oct 29, 2025
bdukes Credited to bdukes and valadas valadas valadas
The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design... Critical Unreviewed
CVE-2025-6440 was published Oct 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database