Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,645 advisories

Loading
The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote... High Unreviewed
CVE-2025-2396 was published Mar 17, 2025
Flowise Pre-auth Arbitrary File Upload Critical
GHSA-h42x-xx2q-6v6g was published for flowise (npm) Mar 13, 2025
dorattias
Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit... Critical Unreviewed
CVE-2025-28915 was published Mar 11, 2025
Inadequate checks in the Media Manager allowed users with "edit" privileges to change file... High Unreviewed
CVE-2025-22213 was published Mar 11, 2025
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2024-13359 was published Mar 8, 2025
The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-13908 was published Mar 8, 2025
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit... High Unreviewed
CVE-2024-13882 was published Mar 8, 2025
An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of... Critical Unreviewed
CVE-2025-25361 was published Mar 6, 2025
REDAXO allows Arbitrary File Upload in the mediapool page Moderate
CVE-2025-27411 was published for redaxo/source (Composer) Mar 5, 2025
0xadik
An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2... Critical Unreviewed
CVE-2025-25784 was published Mar 5, 2025
An arbitrary file upload vulnerability in the component \controller\LocalTemplate.php of FoxCMS... Critical Unreviewed
CVE-2025-25790 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330... High Unreviewed
CVE-2025-27683 was published Mar 5, 2025
FlowiseAI Flowise arbitrary file upload vulnerability High
CVE-2025-26319 was published for flowise (npm) Mar 5, 2025
An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3... Critical Unreviewed
CVE-2025-25783 was published Mar 5, 2025
Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API... Low Unreviewed
CVE-2024-47259 was published Mar 4, 2025
A vulnerability has been found in shishuocms 1.1 and classified as critical. This vulnerability... Moderate Unreviewed
CVE-2025-1890 was published Mar 4, 2025
The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads... Critical Unreviewed
CVE-2024-8425 was published Feb 28, 2025
ShopXO 6.4.0 is vulnerable to File Upload in ThemeDataService.php. Critical Unreviewed
CVE-2025-26325 was published Feb 28, 2025
An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8,... High Unreviewed
CVE-2024-41340 was published Feb 27, 2025
The Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress... Critical Unreviewed
CVE-2025-1128 was published Feb 25, 2025
Improper access control in the HTTP server in YI Car Dashcam v3.88 allows unrestricted file... Critical Unreviewed
CVE-2024-56897 was published Feb 24, 2025
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been... Moderate Unreviewed
CVE-2025-1598 was published Feb 24, 2025
A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as... Moderate Unreviewed
CVE-2025-1590 was published Feb 23, 2025
A vulnerability classified as critical has been found in SourceCodester Best Employee Management... Moderate Unreviewed
CVE-2025-1593 was published Feb 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload... Critical Unreviewed
CVE-2025-26776 was published Feb 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database