Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,874
Erlang
37
GitHub Actions
36
Go
2,520
Maven
5,000+
npm
4,160
NuGet
741
pip
3,961
Pub
12
RubyGems
946
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,047 advisories

Loading
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image... Critical Unreviewed
CVE-2025-58819 was published Sep 5, 2025
The Multi Step Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2025-9515 was published Sep 6, 2025
The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to missing file type... Critical Unreviewed
CVE-2025-9113 was published Sep 8, 2025
The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to incorrect file... High Unreviewed
CVE-2025-9112 was published Sep 8, 2025
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected... Moderate Unreviewed
CVE-2025-10083 was published Sep 8, 2025
A security flaw has been discovered in SourceCodester Pet Grooming Management Software 1.0. This... Moderate Unreviewed
CVE-2025-10085 was published Sep 8, 2025
An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0... Moderate Unreviewed
CVE-2025-47866 was published Jun 17, 2025
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network... High Unreviewed
CVE-2025-20287 was published Sep 9, 2025
Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 Security Update 1 and... High Unreviewed
CVE-2025-9872 was published Sep 9, 2025
Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 Security Update 1 and... High Unreviewed
CVE-2025-9712 was published Sep 9, 2025
A flaw has been found in SourceCodester Pet Management System 1.0. This impacts an unknown... Moderate Unreviewed
CVE-2025-10081 was published Sep 8, 2025
The Import any XML, CSV or Excel File to WordPress plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-10001 was published Sep 10, 2025
The Responsive Filterable Portfolio plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed
CVE-2025-10049 was published Sep 10, 2025
N8N's Chat Trigger component is vulnerable to XSS High
CVE-2025-56265 was published for @n8n/n8n-nodes-langchain (npm) Sep 8, 2025
A weakness has been identified in ScriptAndTools Real Estate Management System 1.0. Impacted is... Moderate Unreviewed
CVE-2025-9847 was published Sep 10, 2025
A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown... Moderate Unreviewed
CVE-2025-9296 was published Aug 21, 2025
A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown... Moderate Unreviewed
CVE-2025-9173 was published Aug 20, 2025
File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2025-55835 was published Sep 12, 2025
A weakness has been identified in xuhuisheng lemon up to 1.13.0. This affects the function... Moderate Unreviewed
CVE-2025-9406 was published Aug 25, 2025
A vulnerability was found in BoyunCMS up to 1.4.20 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2025-7100 was published Jul 7, 2025
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite... High Unreviewed
CVE-2025-45586 was published Sep 12, 2025
The rfpiped service on TCP port 555 in Ceragon Networks / Siklu Communication EtherHaul series ... Moderate Unreviewed
CVE-2025-57176 was published Sep 15, 2025
osCommerce versions up to and including 2.2 RC2a contain a vulnerability in its administrative... Critical Unreviewed
CVE-2009-20006 was published Sep 16, 2025
A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as... Moderate Unreviewed
CVE-2025-8775 was published Aug 9, 2025
code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload... High Unreviewed
CVE-2025-56295 was published Sep 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database