Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,768
Erlang
35
GitHub Actions
29
Go
2,332
Maven
5,000+
npm
3,965
NuGet
713
pip
3,748
Pub
12
RubyGems
921
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,819 advisories

Loading
An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart... High Unreviewed
CVE-2025-6002 was published Jun 11, 2025
The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed
CVE-2025-5395 was published Jun 11, 2025
The Panel Designer dashboard in Airleader Master and Easy before 6.36 allows remote attackers to... High Unreviewed
CVE-2025-46612 was published Jun 10, 2025
The Abandoned Cart Pro for WooCommerce plugin contains an authenticated arbitrary file upload... High Unreviewed
CVE-2025-4387 was published Jun 10, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in FantasticPlugins SUMO Affiliates... Critical Unreviewed
CVE-2025-32291 was published Jun 9, 2025
Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote... Critical Unreviewed
CVE-2025-3835 was published Jun 9, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Agile Logix Store Locator... Moderate Unreviewed
CVE-2025-49329 was published Jun 6, 2025
An unrestricted upload of file with dangerous type vulnerability in the upload file function of... Critical Unreviewed
CVE-2025-48782 was published Jun 6, 2025
A vulnerability classified as critical was found in SourceCodester Open Source Clinic Management... Moderate Unreviewed
CVE-2025-5728 was published Jun 6, 2025
The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-3054 was published Jun 5, 2025
Umbraco Vulnerable to By-Pass of Configured Allowed Extensions for File Uploads Moderate
CVE-2025-48953 was published for Umbraco.Cms (NuGet) Jun 4, 2025
00mpal00mpa
File Upload vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker... High Unreviewed
CVE-2025-29093 was published Jun 4, 2025
An arbitrary file upload vulnerability in the component /server/executeExec of JEHC-BPM v2.0.1... Critical Unreviewed
CVE-2025-45854 was published Jun 3, 2025
Erupt Unrestricted Upload of File with Dangerous Type vulnerability Moderate
CVE-2025-45855 was published for xyz.erupt:erupt (Maven) Jun 3, 2025
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin... Moderate Unreviewed
CVE-2025-1725 was published Jun 3, 2025
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper... Moderate Unreviewed
CVE-2024-7074 was published Jun 2, 2025
Gradio Allows Unauthorized File Copy via Path Manipulation Moderate
CVE-2025-48889 was published for gradio (pip) May 29, 2025
jjjutla nkoorty
HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass... Moderate Unreviewed
CVE-2025-46080 was published May 29, 2025
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of... Moderate Unreviewed
CVE-2025-46078 was published May 29, 2025
Sourcecodester Web-based Pharmacy Product Management System v.1.0 has a file upload vulnerability... High Unreviewed
CVE-2025-45997 was published May 28, 2025
The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to a... High Unreviewed
CVE-2025-4800 was published May 28, 2025
A vulnerability classified as critical has been found in Realce Tecnologia Queue Ticket Kiosk up... Moderate Unreviewed
CVE-2025-5178 was published May 26, 2025
A vulnerability, which was classified as critical, has been found in llisoft MTA Maita Training... Moderate Unreviewed
CVE-2025-5171 was published May 26, 2025
A vulnerability, which was classified as critical, has been found in H3C SecCenter SMP-E1114P02... Moderate Unreviewed
CVE-2025-5162 was published May 26, 2025
A vulnerability was found in Tmall Demo up to 20250505. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-5131 was published May 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database