Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
37
Go
2,526
Maven
5,000+
npm
4,187
NuGet
741
pip
3,968
Pub
12
RubyGems
947
Rust
1,029
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,052 advisories

Loading
Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes LogisticsHub allows... Critical Unreviewed
CVE-2025-30933 was published Jul 4, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image... Critical Unreviewed
CVE-2025-28951 was published Jul 4, 2025
The Download Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2025-6586 was published Jul 4, 2025
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2025-5322 was published Jul 4, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in WPCenter AiBud WP allows Upload... Critical Unreviewed
CVE-2025-23968 was published Jul 3, 2025
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-5961 was published Jul 3, 2025
eKuiper /config/uploads API arbitrary file writing may lead to RCE High
GHSA-gj54-gwj9-x2c6 was published for github.com/lf-edge/ekuiper (Go) Jul 3, 2025
yangbh
The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2025-5746 was published Jul 2, 2025
A vulnerability has been found in code-projects Library System 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-6900 was published Jun 30, 2025
A vulnerability, which was classified as critical, has been found in code-projects Simple Forum 1... Moderate Unreviewed
CVE-2025-6848 was published Jun 29, 2025
A vulnerability was found in code-projects Simple Photo Gallery 1.0. It has been classified as... Moderate Unreviewed
CVE-2025-6843 was published Jun 29, 2025
A vulnerability classified as critical was found in code-projects Library System 1.0. Affected by... Moderate Unreviewed
CVE-2025-6837 was published Jun 29, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in getredhawkstudio File Manager... Critical Unreviewed
CVE-2025-53260 was published Jun 27, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme Drag and Drop Multiple... Critical Unreviewed
CVE-2025-49885 was published Jun 27, 2025
Vulnerability in fusionforge in the shipped Apache configuration, where the web server may... Critical Unreviewed
CVE-2014-0468 was published Jun 26, 2025
A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-6667 was published Jun 26, 2025
The ZoomSounds plugin before 6.05 contains a PHP file allowing unauthenticated users to upload an... Critical Unreviewed
CVE-2021-4457 was published Jun 26, 2025
If a user saved a response from the Network tab in Devtools using the Save As context menu option... High Unreviewed
CVE-2025-6435 was published Jun 26, 2025
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit... High Unreviewed
CVE-2025-6206 was published Jun 26, 2025
An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can... Critical Unreviewed
CVE-2025-30131 was published Jun 26, 2025
Unrestricted upload of file with dangerous type issue exists in WRC-2533GST2 and WRC-1167GST2. If... Moderate Unreviewed
CVE-2025-36519 was published Jun 24, 2025
A vulnerability was found in ageerle ruoyi-ai 2.0.0 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2025-6466 was published Jun 22, 2025
The Beaver Builder Plugin (Starter Version) plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2025-4102 was published Jun 20, 2025
The Versa Director SD-WAN orchestration platform provides an option to upload various types of... High Unreviewed
CVE-2025-23171 was published Jun 19, 2025
An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2025-46157 was published Jun 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database