Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,874
Erlang
37
GitHub Actions
36
Go
2,521
Maven
5,000+
npm
4,163
NuGet
741
pip
3,961
Pub
12
RubyGems
946
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,235 advisories

Loading
Incorrect handling of uploaded files in the admin "Restore" function in Invoice Ninja <= 5.11.72... High Unreviewed
CVE-2025-10009 was published Sep 22, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and... High Unreviewed
CVE-2025-34195 was published Sep 19, 2025
The Embed PDF for WPForms plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-10647 was published Sep 19, 2025
An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit... High Unreviewed
CVE-2025-55912 was published Sep 18, 2025
The StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates,... High Unreviewed
CVE-2025-9216 was published Sep 17, 2025
by-night sms V1.0 has an Arbitrary File Upload vulnerability. The /api/sms/upload/headImg... High Unreviewed
CVE-2025-56263 was published Sep 16, 2025
code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload... High Unreviewed
CVE-2025-56295 was published Sep 16, 2025
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite... High Unreviewed
CVE-2025-45586 was published Sep 12, 2025
A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and... High Unreviewed
CVE-2025-57642 was published Sep 10, 2025
The Responsive Filterable Portfolio plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed
CVE-2025-10049 was published Sep 10, 2025
The Import any XML, CSV or Excel File to WordPress plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-10001 was published Sep 10, 2025
Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 Security Update 1 and... High Unreviewed
CVE-2025-9872 was published Sep 9, 2025
Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 Security Update 1 and... High Unreviewed
CVE-2025-9712 was published Sep 9, 2025
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network... High Unreviewed
CVE-2025-20287 was published Sep 9, 2025
The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to incorrect file... High Unreviewed
CVE-2025-9112 was published Sep 8, 2025
N8N's Chat Trigger component is vulnerable to XSS High
CVE-2025-56265 was published for @n8n/n8n-nodes-langchain (npm) Sep 8, 2025
The Multi Step Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2025-9515 was published Sep 6, 2025
The Make Connector plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-6085 was published Sep 4, 2025
The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-13342 was published Aug 29, 2025
Badaso CMS file upload vulnerability High
CVE-2025-52353 was published for badaso/core (Composer) Aug 26, 2025
An unauthenticated unrestricted file upload vulnerability allows an attacker to upload malicious... High Unreviewed
CVE-2025-53119 was published Aug 26, 2025
IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to... High Unreviewed
CVE-2025-36174 was published Aug 24, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on... High Unreviewed
CVE-2025-26497 was published Aug 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on... High Unreviewed
CVE-2025-26498 was published Aug 22, 2025
An authenticated arbitrary file upload vulnerability in the component /msg/sendfiles of DooTask... High Unreviewed
CVE-2025-55454 was published Aug 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database