GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,381

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

997 advisories

Filter by severity

Sort by

Least recently updated

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-13869 was published Feb 22, 2025

Authenticated Arbitrary Code Execution vulnerability in Soflyy Import any XML or CSV File to... High Unreviewed

CVE-2022-36386 was published Sep 22, 2022

A Remote Code Execution (RCE) vulnerabilty exists in LimeSurvey 5.2.4 via the upload and install... High Unreviewed

CVE-2021-44967 was published Feb 25, 2022

An arbitrary file upload vulnerability in the component /userPicture of Timo v2.0.3 allows... High Unreviewed

CVE-2024-57407 was published Feb 10, 2025

An unrestricted file upload vulnerability in the administrative portal branding component of... High Unreviewed

CVE-2023-26830 was published Mar 31, 2023

Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote... High Unreviewed

CVE-2025-1388 was published Feb 17, 2025

File Upload vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary... High Unreviewed

CVE-2021-3267 was published Apr 4, 2023

Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator... High Unreviewed

CVE-2023-0670 was published Apr 5, 2023

CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render... High Unreviewed

CVE-2025-1070 was published Feb 13, 2025

The All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-13714 was published Feb 12, 2025

An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity... High Unreviewed

CVE-2025-22389 was published Jan 4, 2025

GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability... High Unreviewed

CVE-2023-27179 was published Apr 11, 2023

An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense... High Unreviewed

CVE-2025-26411 was published Feb 11, 2025

An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0... High Unreviewed

CVE-2024-57408 was published Feb 10, 2025

A vulnerability classified as critical has been found in SourceCodester Student Management System... High Unreviewed

CVE-2024-5047 was published May 17, 2024

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated... High Unreviewed

CVE-2024-4920 was published May 16, 2024

A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an... High Unreviewed

CVE-2020-8260 was published May 24, 2022

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post... High Unreviewed

CVE-2021-20022 was published May 24, 2022

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected... High Unreviewed

CVE-2024-27944 was published May 14, 2024

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected... High Unreviewed

CVE-2024-27943 was published May 14, 2024

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import... High Unreviewed

CVE-2024-27945 was published May 14, 2024

The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated... High Unreviewed

CVE-2024-13723 was published Feb 5, 2025

The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to... High Unreviewed

CVE-2024-1468 was published Feb 29, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in ThemeFusion Avada.This issue... High Unreviewed

CVE-2023-39307 was published Mar 26, 2024

The Contact Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2025-1028 was published Feb 5, 2025

Previous 1 2 3 4 5 … 39 40 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

997 advisories