GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,007 advisories
The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote...
Severity: High | Unreviewed | CVE-2025-2396 was published Mar 17, 2025

Inadequate checks in the Media Manager allowed users with "edit" privileges to change file...
Severity: High | Unreviewed | CVE-2025-22213 was published Mar 11, 2025

The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file...
Severity: High | Unreviewed | CVE-2024-13359 was published Mar 8, 2025

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit...
Severity: High | Unreviewed | CVE-2024-13882 was published Mar 8, 2025

The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to...
Severity: High | Unreviewed | CVE-2024-13908 was published Mar 8, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330...
Severity: High | Unreviewed | CVE-2025-27683 was published Mar 5, 2025

An issue in Draytek devices Vigor 165/166 prior to v4.2.6, Vigor 2620/LTE200 prior to v3.9.8.8,...
Severity: High | Unreviewed | CVE-2024-41340 was published Feb 27, 2025

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to...
Severity: High | Unreviewed | CVE-2024-13869 was published Feb 22, 2025

Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote...
Severity: High | Unreviewed | CVE-2025-1388 was published Feb 17, 2025

CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render...
Severity: High | Unreviewed | CVE-2025-1070 was published Feb 13, 2025

The All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress is vulnerable to...
Severity: High | Unreviewed | CVE-2024-13714 was published Feb 12, 2025

An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense...
Severity: High | Unreviewed | CVE-2025-26411 was published Feb 11, 2025

An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0...
Severity: High | Unreviewed | CVE-2024-57408 was published Feb 10, 2025

An arbitrary file upload vulnerability in the component /userPicture of Timo v2.0.3 allows...
Severity: High | Unreviewed | CVE-2024-57407 was published Feb 10, 2025

The Contact Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
Severity: High | Unreviewed | CVE-2025-1028 was published Feb 5, 2025

The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated...
Severity: High | Unreviewed | CVE-2024-13723 was published Feb 5, 2025

This vulnerability allows a high-privileged authenticated PAM user to achieve remote command...
Severity: High | Unreviewed | CVE-2025-24505 was published Jan 30, 2025

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating...
Severity: High | Unreviewed | CVE-2024-25034 was published Jan 24, 2025

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating...
Severity: High | Unreviewed | CVE-2024-40693 was published Jan 24, 2025

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to...
Severity: High | Unreviewed | CVE-2024-13333 was published Jan 17, 2025

An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01...
Severity: High | Unreviewed | CVE-2024-57761 was published Jan 15, 2025

Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and...
Severity: High | Unreviewed | CVE-2024-13171 was published Jan 14, 2025

The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin...
Severity: High | Unreviewed | CVE-2025-0394 was published Jan 14, 2025

An arbitrary file upload vulnerability in the MediaPool module of Redaxo CMS v5.17.1 allows...
Severity: High | Unreviewed | CVE-2024-46210 was published Jan 10, 2025

The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to...
Severity: High | Unreviewed | CVE-2024-12854 was published Jan 8, 2025