GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,117
Composer 4,330
Erlang 31
GitHub Actions 21
Go 2,091
Maven 5,253
npm 3,756
NuGet 678
pip 3,443
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,064

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,562 advisories

Filter by severity

Sort by

Least recently updated

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due... Critical Unreviewed

CVE-2024-13091 was published Jan 22, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Fancy Product Designer.... Critical Unreviewed

CVE-2024-51919 was published Jan 21, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in UkrSolution Barcode Scanner with... Critical Unreviewed

CVE-2025-22723 was published Jan 21, 2025

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2024-13333 was published Jan 17, 2025

Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders Moderate

CVE-2024-56515 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025

Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above.... Critical Unreviewed

CVE-2025-0471 was published Jan 16, 2025

The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is... Moderate Unreviewed

CVE-2024-13355 was published Jan 16, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List... Critical Unreviewed

CVE-2025-22782 was published Jan 15, 2025

Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and... High Unreviewed

CVE-2024-13171 was published Jan 14, 2025

The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin... High Unreviewed

CVE-2025-0394 was published Jan 14, 2025

SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting... Moderate Unreviewed

CVE-2025-0057 was published Jan 14, 2025

Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload... Critical Unreviewed

CVE-2024-46479 was published Jan 13, 2025

HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts... Low Unreviewed

CVE-2024-42180 was published Jan 13, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in jumpdemand 4ECPS Web Forms... Critical Unreviewed

CVE-2025-22504 was published Jan 9, 2025

The <redacted>.exe or <redacted>.exe CGI binary can be used to upload arbitrary files to /tmp... Moderate Unreviewed

CVE-2024-43662 was published Jan 9, 2025

The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2024-12854 was published Jan 8, 2025

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2024-12853 was published Jan 8, 2025

An issue was discovered in Ovidentia 8.3. The file upload feature does not prevent the uploading... Critical Unreviewed

CVE-2022-41573 was published Jan 7, 2025

An authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3... High Unreviewed

CVE-2024-53345 was published Jan 7, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGlow JobBoard Job listing... Critical Unreviewed

CVE-2024-43243 was published Jan 7, 2025

File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was... Critical Unreviewed

CVE-2024-56828 was published Jan 6, 2025

A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This... Moderate Unreviewed

CVE-2024-13138 was published Jan 5, 2025

A vulnerability was found in Campcodes Project Management System 1.0. It has been declared as... Moderate Unreviewed

CVE-2025-0213 was published Jan 4, 2025

An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity... Unknown Unreviewed

CVE-2025-22389 was published Jan 4, 2025

An arbitrary file upload vulnerability in the component /adminUser/updateImg of WukongCRM-11.0... Critical Unreviewed

CVE-2024-55078 was published Jan 3, 2025

Previous 1 2 3 4 5 … 102 103 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,562 advisories