Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,790
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,994
NuGet
720
pip
3,783
Pub
12
RubyGems
927
Rust
982
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,018 advisories

Loading
Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes LogisticsHub allows... Critical Unreviewed
CVE-2025-30933 was published Jul 4, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Gallery allows... Critical Unreviewed
CVE-2025-49414 was published Jul 4, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image... Critical Unreviewed
CVE-2025-28951 was published Jul 4, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in WPCenter AiBud WP allows Upload... Critical Unreviewed
CVE-2025-23968 was published Jul 3, 2025
The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2025-5746 was published Jul 2, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in getredhawkstudio File Manager... Critical Unreviewed
CVE-2025-53260 was published Jun 27, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme Drag and Drop Multiple... Critical Unreviewed
CVE-2025-49885 was published Jun 27, 2025
Vulnerability in fusionforge in the shipped Apache configuration, where the web server may... Critical Unreviewed
CVE-2014-0468 was published Jun 26, 2025
An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can... Critical Unreviewed
CVE-2025-30131 was published Jun 26, 2025
An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2025-46157 was published Jun 18, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Food Menu allows... Critical Unreviewed
CVE-2025-49447 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor... Critical Unreviewed
CVE-2025-49444 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a... Critical Unreviewed
CVE-2025-47559 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NasaTheme Flozen allows Upload a... Critical Unreviewed
CVE-2025-49071 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in RexTheme WP VR allows Upload a... Critical Unreviewed
CVE-2025-47452 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in ovatheme Ovatheme Events Manager... Critical Unreviewed
CVE-2025-32510 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in FantasticPlugins SUMO Affiliates... Critical Unreviewed
CVE-2025-32291 was published Jun 9, 2025
Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote... Critical Unreviewed
CVE-2025-3835 was published Jun 9, 2025
An unrestricted upload of file with dangerous type vulnerability in the upload file function of... Critical Unreviewed
CVE-2025-48782 was published Jun 6, 2025
An arbitrary file upload vulnerability in the component /server/executeExec of JEHC-BPM v2.0.1... Critical Unreviewed
CVE-2025-45854 was published Jun 3, 2025
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2025-5058 was published May 24, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress... Critical Unreviewed
CVE-2025-47658 was published May 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for... Critical Unreviewed
CVE-2025-47687 was published May 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management... Critical Unreviewed
CVE-2025-47663 was published May 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in printcart Printcart Web to Print... Critical Unreviewed
CVE-2025-47641 was published May 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database