Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,645 advisories

Loading
Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote... High Unreviewed
CVE-2025-1388 was published Feb 17, 2025
File Upload vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary... High Unreviewed
CVE-2021-3267 was published Apr 4, 2023
Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator... High Unreviewed
CVE-2023-0670 was published Apr 5, 2023
Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets High
CVE-2023-50386 was published for org.apache.solr:solr-core (Maven) Feb 9, 2024
Apache Answer Unrestricted Upload of File with Dangerous Type vulnerability High
CVE-2024-22393 was published for github.com/apache/incubator-answer (Go) Feb 22, 2024
Uvdesk remote code execution vulnerability High
CVE-2023-0265 was published for uvdesk/community-skeleton (Composer) Apr 5, 2023
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the... Moderate Unreviewed
CVE-2023-31428 was published Aug 2, 2023
CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render... High Unreviewed
CVE-2025-1070 was published Feb 13, 2025
A CWE-434 "Unrestricted Upload of File with Dangerous Type" in the template file uploads in Q... Moderate Unreviewed
CVE-2025-26350 was published Feb 12, 2025
The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2024-10960 was published Feb 12, 2025
The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-13365 was published Feb 12, 2025
The All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-13714 was published Feb 12, 2025
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity... High Unreviewed
CVE-2025-22389 was published Jan 4, 2025
GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability... High Unreviewed
CVE-2023-27179 was published Apr 11, 2023
An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense... High Unreviewed
CVE-2025-26411 was published Feb 11, 2025
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been... Moderate Unreviewed
CVE-2024-4820 was published May 14, 2024
A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and... Moderate Unreviewed
CVE-2024-4809 was published May 14, 2024
A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical... Moderate Unreviewed
CVE-2025-1166 was published Feb 11, 2025
A vulnerability, which was classified as critical, was found in Lumsoft ERP 8. Affected is the... Moderate Unreviewed
CVE-2025-1165 was published Feb 11, 2025
An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0... High Unreviewed
CVE-2024-57408 was published Feb 10, 2025
The WP Foodbakery plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2024-13011 was published Feb 10, 2025
Magento 2 Community Edition RCE via Unsafe File Upload Critical
CVE-2020-24407 was published for magento/community-edition (Composer) May 24, 2022
Magento vulnerable to a file upload restriction bypass Critical
CVE-2021-21014 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition RCE Vulnerability High
CVE-2019-8114 was published for magento/community-edition (Composer) May 24, 2022
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-3437 was published Apr 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database