Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
36
Go
2,521
Maven
5,000+
npm
4,167
NuGet
741
pip
3,963
Pub
12
RubyGems
946
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,047 advisories

Loading
A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the... High Unreviewed
CVE-2025-47187 was published Jul 23, 2025
There exists an auth bypass in Google Quickshare where an attacker can upload an unknown file... Moderate Unreviewed
CVE-2024-10668 was published Nov 7, 2024
The Responsive Thumbnail Slider plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed
CVE-2015-10144 was published Jul 25, 2025
The Droip plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type... High Unreviewed
CVE-2025-5831 was published Jul 25, 2025
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... Critical Unreviewed
CVE-2025-7852 was published Jul 25, 2025
The Ebook Store plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... Critical Unreviewed
CVE-2025-7437 was published Jul 25, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on... High Unreviewed
CVE-2025-52449 was published Jul 25, 2025
The e-School from Ventem has a Arbitrary File Upload vulnerability, allowing unauthenticated... High Unreviewed
CVE-2025-8323 was published Jul 30, 2025
The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2025-7847 was published Jul 31, 2025
Multiple versions of PowerCMS allow unrestricted upload of dangerous files. If a product... Moderate Unreviewed
CVE-2025-54757 was published Jul 31, 2025
An unrestricted file upload vulnerability exists in Kaseya KServer versions prior to 6.3.0.2. The... Critical Unreviewed
CVE-2013-10034 was published Jul 31, 2025
An unauthenticated arbitrary file upload vulnerability exists in FlashChat versions 6.0.2 and 6.0... Critical Unreviewed
CVE-2013-10038 was published Jul 31, 2025
A vulnerability classified as critical has been found in code-projects Online Ordering System 1.0... Moderate Unreviewed
CVE-2025-8256 was published Jul 28, 2025
A vulnerability was found in code-projects Exam Form Submission 1.0. It has been rated as... Moderate Unreviewed
CVE-2025-8255 was published Jul 28, 2025
The BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images... High Unreviewed
CVE-2025-7443 was published Aug 1, 2025
An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and... Critical Unreviewed
CVE-2013-10055 was published Aug 1, 2025
An unrestricted file upload vulnerability exists in MiniWeb HTTP Server <= Build 300 that allows... Critical Unreviewed
CVE-2013-10047 was published Aug 1, 2025
/edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows authenticated users to upload... Moderate Unreviewed
CVE-2025-54962 was published Aug 4, 2025
An unauthenticated arbitrary file upload vulnerability exists in LibrettoCMS version 1.1.7 (and... Critical Unreviewed
CVE-2013-10054 was published Aug 4, 2025
Emlog Pro V2.5.7 is vulnerable to Unrestricted Upload of File with Dangerous Type via /emlog... High Unreviewed
CVE-2025-44139 was published Aug 1, 2025
An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code... Critical Unreviewed
CVE-2025-52239 was published Aug 4, 2025
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-5061 was published Aug 5, 2025
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-6207 was published Aug 5, 2025
hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker... High Unreviewed
CVE-2017-2617 was published May 13, 2022
An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The... Critical Unreviewed
CVE-2013-10066 was published Aug 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database