GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,672
Composer 4,466
Erlang 33
GitHub Actions 23
Go 2,167
Maven 5,398
npm 3,830
NuGet 696
pip 3,508
Pub 12
RubyGems 910
Rust 906
Swift 38

Unreviewed advisories

All unreviewed 247,951

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,397 advisories

Filter by severity

Sort by

Least recently updated

The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote... High Unreviewed

CVE-2025-2396 was published Mar 17, 2025

An arbitrary file upload vulnerability in the Add Media function of SKINsoft S-Museum v7.02.3... Moderate Unreviewed

CVE-2024-25801 was published Feb 22, 2024

There is a PHP file inclusion vulnerability in the template configuration of eyoucms v1.6.4,... Critical Unreviewed

CVE-2023-42286 was published Mar 15, 2024

The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient... High Unreviewed

CVE-2024-3022 was published Apr 4, 2024

In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which... High Unreviewed

CVE-2022-2883 was published Feb 22, 2023

Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit... Critical Unreviewed

CVE-2025-28915 was published Mar 11, 2025

Inadequate checks in the Media Manager allowed users with "edit" privileges to change file... High Unreviewed

CVE-2025-22213 was published Mar 11, 2025

The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed

CVE-2024-1986 was published Mar 7, 2024

The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file... High Unreviewed

CVE-2024-13359 was published Mar 8, 2025

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit... High Unreviewed

CVE-2024-13882 was published Mar 8, 2025

The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2024-13908 was published Mar 8, 2025

An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of... Critical Unreviewed

CVE-2025-25361 was published Mar 6, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330... High Unreviewed

CVE-2025-27683 was published Mar 5, 2025

A vulnerability has been found in shishuocms 1.1 and classified as critical. This vulnerability... Moderate Unreviewed

CVE-2025-1890 was published Mar 4, 2025

SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files,... High Unreviewed

CVE-2023-22890 was published Mar 8, 2023

An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2... Critical Unreviewed

CVE-2025-25784 was published Mar 5, 2025

An arbitrary file upload vulnerability in the component \controller\LocalTemplate.php of FoxCMS... Critical Unreviewed

CVE-2025-25790 was published Mar 5, 2025

An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3... Critical Unreviewed

CVE-2025-25783 was published Mar 5, 2025

A vulnerability, which was classified as critical, has been found in CampCodes Computer... Moderate Unreviewed

CVE-2025-0341 was published Jan 9, 2025

Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API... Low Unreviewed

CVE-2024-47259 was published Mar 4, 2025

The Fuse Social Floating Sidebar plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-5226 was published Aug 8, 2024

An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8,... High Unreviewed

CVE-2024-41340 was published Feb 27, 2025

A vulnerability classified as critical has been found in SourceCodester Best Employee Management... Moderate Unreviewed

CVE-2025-1593 was published Feb 23, 2025

A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been... Moderate Unreviewed

CVE-2025-1598 was published Feb 24, 2025

A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as... Moderate Unreviewed

CVE-2025-1590 was published Feb 23, 2025

Previous 1 2 3 4 5 … 95 96 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,397 advisories