GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,405

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,366 advisories

Filter by severity

Sort by

Least recently updated

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload... Critical Unreviewed

CVE-2025-26776 was published Feb 22, 2025

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-13869 was published Feb 22, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in kodeshpa Simplified allows Using... Critical Unreviewed

CVE-2025-22654 was published Feb 18, 2025

Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote... High Unreviewed

CVE-2025-1388 was published Feb 17, 2025

CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render... High Unreviewed

CVE-2025-1070 was published Feb 13, 2025

A CWE-434 "Unrestricted Upload of File with Dangerous Type" in the template file uploads in Q... Moderate Unreviewed

CVE-2025-26350 was published Feb 12, 2025

The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2024-10960 was published Feb 12, 2025

The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2024-13365 was published Feb 12, 2025

The All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-13714 was published Feb 12, 2025

An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense... High Unreviewed

CVE-2025-26411 was published Feb 11, 2025

The Zarinpal Paid Download WordPress plugin through 2.3 does not properly validate uploaded files... Moderate Unreviewed

CVE-2024-13544 was published Feb 11, 2025

A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical... Moderate Unreviewed

CVE-2025-1166 was published Feb 11, 2025

A vulnerability, which was classified as critical, was found in Lumsoft ERP 8. Affected is the... Moderate Unreviewed

CVE-2025-1165 was published Feb 11, 2025

The WP Foodbakery plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2024-13011 was published Feb 10, 2025

An arbitrary file upload vulnerability in the component /userPicture of Timo v2.0.3 allows... High Unreviewed

CVE-2024-57407 was published Feb 10, 2025

An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0... High Unreviewed

CVE-2024-57408 was published Feb 10, 2025

In Code-projects Shopping Portal v1.0, the insert-product.php page has an arbitrary file upload... Critical Unreviewed

CVE-2024-57668 was published Feb 6, 2025

OpenPLC_V3 contains an arbitrary file upload vulnerability, which could be leveraged for... Critical Unreviewed

CVE-2025-1066 was published Feb 6, 2025

The Contact Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2025-1028 was published Feb 5, 2025

The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated... High Unreviewed

CVE-2024-13723 was published Feb 5, 2025

Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to... Critical Unreviewed

CVE-2024-57968 was published Feb 3, 2025

ChestnutCMS <=1.5.0 is vulnerable to File Upload via the Create template function. Critical Unreviewed

CVE-2024-57450 was published Feb 3, 2025

This vulnerability allows a high-privileged authenticated PAM user to achieve remote command... High Unreviewed

CVE-2025-24505 was published Jan 30, 2025

The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2024-13448 was published Jan 28, 2025

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient... Critical Unreviewed

CVE-2025-0357 was published Jan 25, 2025

Previous 1 2 3 4 5 … 94 95 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,366 advisories