GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,034 advisories
The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type...
High | Unreviewed | CVE-2025-4317 was published May 13, 2025

The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with...
High | Unreviewed | CVE-2025-4561 was published May 12, 2025

The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is...
High | Unreviewed | CVE-2025-3455 was published May 9, 2025

An arbitrary file upload vulnerability in the apiImportLabs function in api_labs.php of EVE-NG 2...
High | Unreviewed | CVE-2022-31366 was published Oct 20, 2022

Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This...
High | Unreviewed | CVE-2025-0472 was published Jan 16, 2025

An Unrestricted File-upload vulnerability in web component of Ivanti Avalanche before 6.4.3...
High | Unreviewed | CVE-2024-23534 was published Apr 19, 2024

The wp-eMember WordPress plugin before 10.6.6 does not validate files to be uploaded, which could...
High | Unreviewed | CVE-2024-5080 was published Jul 13, 2024

An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x...
High | Unreviewed | CVE-2024-29848 was published May 31, 2024

The External image replace plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2025-4279 was published May 5, 2025

Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a...
High | Unreviewed | CVE-2024-13418 was published May 2, 2025

An arbitrary file upload vulnerability in the image upload function of Canteen Management System...
High | Unreviewed | CVE-2022-43146 was published Nov 15, 2022

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary...
High | Unreviewed | CVE-2022-45476 was published Nov 25, 2022

CartView.php in ChurchInfo 1.3.0 allows attackers to achieve remote code execution through...
High | Unreviewed | CVE-2021-43258 was published Nov 23, 2022

The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due...
High | Unreviewed | CVE-2025-3914 was published Apr 26, 2025

An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges...
High | Unreviewed | CVE-2022-45771 was published Dec 5, 2022

An insecure permissions vulnerability in verydows v2.0 allows a remote attacker to execute...
High | Unreviewed | CVE-2025-29394 was published Apr 9, 2025

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2025-3616 was published Apr 22, 2025

The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior...
High | Unreviewed | CVE-2021-25094 was published Apr 26, 2022

Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new...
High | Unreviewed | CVE-2017-17874 was published May 14, 2022

Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places...
High | Unreviewed | CVE-2017-17593 was published May 13, 2022

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload...
High | Unreviewed | CVE-2017-16524 was published May 17, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
High | Unreviewed | CVE-2017-10940 was published May 13, 2022

my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload...
High | Unreviewed | CVE-2017-15957 was published May 17, 2022

Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier...
High | Unreviewed | CVE-2017-6090 was published May 14, 2022

lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users,...
High | Unreviewed | CVE-2017-14958 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.