Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
36
Go
2,521
Maven
5,000+
npm
4,166
NuGet
741
pip
3,962
Pub
12
RubyGems
946
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,769 advisories

Loading
DooTask v1.0.51 was dicovered to contain an authenticated arbitrary download vulnerability via... Low Unreviewed
CVE-2025-55455 was published Aug 22, 2025
The vulnerability, if exploited, could allow an authenticated miscreant (with privileges to... High Unreviewed
CVE-2025-54460 was published Aug 21, 2025
An attacker could exploit this vulnerability by uploading arbitrary files via a specific service... Moderate Unreviewed
CVE-2025-24489 was published Aug 21, 2025
An attacker could exploit this vulnerability by uploading arbitrary files via the a specific... Moderate Unreviewed
CVE-2025-27714 was published Aug 21, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in An-Themes Pin WP allows Upload a... Critical Unreviewed
CVE-2025-53251 was published Aug 21, 2025
Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows... High Unreviewed
CVE-2025-55383 was published Aug 21, 2025
A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown... Moderate Unreviewed
CVE-2025-9296 was published Aug 21, 2025
A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown... Moderate Unreviewed
CVE-2025-9173 was published Aug 20, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in vcita Online Booking &... Critical Unreviewed
CVE-2025-54677 was published Aug 20, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ReachShip... Critical Unreviewed
CVE-2025-53213 was published Aug 20, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for... Critical Unreviewed
CVE-2025-48148 was published Aug 20, 2025
The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to... Critical Unreviewed
CVE-2025-7441 was published Aug 16, 2025
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2025-6079 was published Aug 16, 2025
An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for... Critical Unreviewed
CVE-2025-54473 was published Aug 15, 2025
The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2025-6679 was published Aug 15, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in epiphyt Form Block allows Upload... Critical Unreviewed
CVE-2025-54693 was published Aug 14, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms allows Upload a... Critical Unreviewed
CVE-2025-24775 was published Aug 14, 2025
Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via... Critical Unreviewed
CVE-2012-10054 was published Aug 13, 2025
PHP Volunteer Management System v1.0.2 contains an arbitrary file upload vulnerability in its... High Unreviewed
CVE-2012-10056 was published Aug 13, 2025
Incomplete restriction of configuration in Ivanti Avalanche before version 6.4.8.8008 allows a... High Unreviewed
CVE-2025-8297 was published Aug 12, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions), RUGGEDCOM ROX... Moderate Unreviewed
CVE-2025-33023 was published Aug 12, 2025
Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in... Critical Unreviewed
CVE-2012-10038 was published Aug 11, 2025
A vulnerability was identified in zlt2000 microservices-platform up to 6.0.0. Affected by this... Moderate Unreviewed
CVE-2025-8841 was published Aug 11, 2025
A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as... Moderate Unreviewed
CVE-2025-8775 was published Aug 9, 2025
EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2012-10052 was published Aug 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database