GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,167
Maven
5,000+
npm
3,830
NuGet
696
pip
3,508
Pub
12
RubyGems
910
Rust
906
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,397 advisories
Filter by severity
The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote...
High
Unreviewed
CVE-2025-2396
was published
Mar 17, 2025
An arbitrary file upload vulnerability in the Add Media function of SKINsoft S-Museum v7.02.3...
Moderate
Unreviewed
CVE-2024-25801
was published
Feb 22, 2024
There is a PHP file inclusion vulnerability in the template configuration of eyoucms v1.6.4,...
Critical
Unreviewed
CVE-2023-42286
was published
Mar 15, 2024
The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient...
High
Unreviewed
CVE-2024-3022
was published
Apr 4, 2024
In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which...
High
Unreviewed
CVE-2022-2883
was published
Feb 22, 2023
Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit...
Critical
Unreviewed
CVE-2025-28915
was published
Mar 11, 2025
Inadequate checks in the Media Manager allowed users with "edit" privileges to change file...
High
Unreviewed
CVE-2025-22213
was published
Mar 11, 2025
The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads...
High
Unreviewed
CVE-2024-1986
was published
Mar 7, 2024
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file...
High
Unreviewed
CVE-2024-13359
was published
Mar 8, 2025
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit...
High
Unreviewed
CVE-2024-13882
was published
Mar 8, 2025
The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to...
High
Unreviewed
CVE-2024-13908
was published
Mar 8, 2025
An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of...
Critical
Unreviewed
CVE-2025-25361
was published
Mar 6, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330...
High
Unreviewed
CVE-2025-27683
was published
Mar 5, 2025
A vulnerability has been found in shishuocms 1.1 and classified as critical. This vulnerability...
Moderate
Unreviewed
CVE-2025-1890
was published
Mar 4, 2025
SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files,...
High
Unreviewed
CVE-2023-22890
was published
Mar 8, 2023
An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2...
Critical
Unreviewed
CVE-2025-25784
was published
Mar 5, 2025
An arbitrary file upload vulnerability in the component \controller\LocalTemplate.php of FoxCMS...
Critical
Unreviewed
CVE-2025-25790
was published
Mar 5, 2025
An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3...
Critical
Unreviewed
CVE-2025-25783
was published
Mar 5, 2025
A vulnerability, which was classified as critical, has been found in CampCodes Computer...
Moderate
Unreviewed
CVE-2025-0341
was published
Jan 9, 2025
Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API...
Low
Unreviewed
CVE-2024-47259
was published
Mar 4, 2025
The Fuse Social Floating Sidebar plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-5226
was published
Aug 8, 2024
An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8,...
High
Unreviewed
CVE-2024-41340
was published
Feb 27, 2025
A vulnerability classified as critical has been found in SourceCodester Best Employee Management...
Moderate
Unreviewed
CVE-2025-1593
was published
Feb 23, 2025
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been...
Moderate
Unreviewed
CVE-2025-1598
was published
Feb 24, 2025
A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as...
Moderate
Unreviewed
CVE-2025-1590
was published
Feb 23, 2025
ProTip!
Advisories are also available from the
GraphQL API