GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,034 advisories
The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type...
High | Unreviewed | CVE-2025-4317 was published May 13, 2025

The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with...
High | Unreviewed | CVE-2025-4561 was published May 12, 2025

The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is...
High | Unreviewed | CVE-2025-3455 was published May 9, 2025

The External image replace plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2025-4279 was published May 5, 2025

Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a...
High | Unreviewed | CVE-2024-13418 was published May 2, 2025

The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due...
High | Unreviewed | CVE-2025-3914 was published Apr 26, 2025

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2025-3616 was published Apr 22, 2025

A Remote Code Execution (RCE) vulnerability exists in Code Astro Internet Banking System 2.0.0...
High | Unreviewed | CVE-2025-29017 was published Apr 10, 2025

An insecure permissions vulnerability in verydows v2.0 allows a remote attacker to execute...
High | Unreviewed | CVE-2025-29394 was published Apr 9, 2025

Arbitrary File Write vulnerabilities exist in the web-based management interface of both the AOS...
High | Unreviewed | CVE-2025-27082 was published Apr 8, 2025

The Streamit theme for WordPress is vulnerable to arbitrary file uploads due to missing file type...
High | Unreviewed | CVE-2025-2525 was published Apr 8, 2025

Kentico Xperience before 13.0.178 has a specific set of allowed ContentUploader file extensions...
High | Unreviewed | CVE-2025-32370 was published Apr 6, 2025

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
High | Unreviewed | CVE-2024-13708 was published Apr 4, 2025

The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2024-13744 was published Apr 4, 2025

The Real Estate 7 WordPress theme for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2025-2891 was published Apr 1, 2025

The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary...
High | Unreviewed | CVE-2025-2008 was published Apr 1, 2025

The Inline Image Upload for BBPress plugin for WordPress is vulnerable to arbitrary file uploads...
High | Unreviewed | CVE-2025-2006 was published Mar 29, 2025

The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-2249 was published Mar 29, 2025

In composiohq/composio version 0.4.3, there is an unrestricted file write and read vulnerability...
High | Unreviewed | CVE-2024-8958 was published Mar 20, 2025

Unrestricted file upload to Softdial Contact Center of Sytel Ltd. This vulnerability could allow...
High | Unreviewed | CVE-2025-2494 was published Mar 18, 2025

A logic issue was addressed with improved file handling. This issue is fixed in visionOS 2.2,...
High | Unreviewed | CVE-2024-54525 was published Mar 17, 2025

The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote...
High | Unreviewed | CVE-2025-2396 was published Mar 17, 2025

Inadequate checks in the Media Manager allowed users with "edit" privileges to change file...
High | Unreviewed | CVE-2025-22213 was published Mar 11, 2025

The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file...
High | Unreviewed | CVE-2024-13359 was published Mar 8, 2025

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit...
High | Unreviewed | CVE-2024-13882 was published Mar 8, 2025

ProTip! Advisories are also available from the GraphQL API.