GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,545
Composer 4,693
Erlang 34
GitHub Actions 28
Go 2,283
Maven 5,567
npm 3,934
NuGet 708
pip 3,702
Pub 12
RubyGems 919
Rust 959
Swift 38

Unreviewed advisories

All unreviewed 255,878

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,500 advisories

Filter by severity

Sort by

Least recently updated

Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload... High Unreviewed

CVE-2022-41534 was published Oct 14, 2022

The 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin for WordPress is vulnerable to arbitrary file uploads due... Critical Unreviewed

CVE-2025-3917 was published May 15, 2025

A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product... Moderate Unreviewed

CVE-2025-3764 was published Apr 17, 2025

A vulnerability, which was classified as critical, has been found in SourceCodester Web-based... Moderate Unreviewed

CVE-2025-3765 was published Apr 17, 2025

A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been... Moderate Unreviewed

CVE-2025-4468 was published May 9, 2025

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It... Moderate Unreviewed

CVE-2025-3244 was published Apr 4, 2025

Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated... Critical Unreviewed

CVE-2025-40625 was published May 6, 2025

A vulnerability classified as critical has been found in itsourcecode Content Management System 1... Moderate Unreviewed

CVE-2025-4310 was published May 6, 2025

The Bug Library WordPress plugin before 2.1.1 does not check the file type on user-submitted bug... Critical Unreviewed

CVE-2024-5450 was published Jul 13, 2024

The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type... High Unreviewed

CVE-2025-4317 was published May 13, 2025

SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via... Critical Unreviewed

CVE-2025-46193 was published May 9, 2025

Grocery-CMS-PHP-Restful-API v1.3 is vulnerable to File Upload via /admin/add-category.php. Critical Unreviewed

CVE-2023-31585 was published May 8, 2025

The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with... High Unreviewed

CVE-2025-4561 was published May 12, 2025

The web management interface of Okcat Parking Management Platform from ZONG YU has an Arbitrary... Critical Unreviewed

CVE-2025-4556 was published May 12, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio allows Upload... Moderate Unreviewed

CVE-2025-47550 was published May 7, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a... Critical Unreviewed

CVE-2025-47549 was published May 7, 2025

The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2025-4403 was published May 9, 2025

The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is... High Unreviewed

CVE-2025-3455 was published May 9, 2025

The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2024-11617 was published May 9, 2025

Outsystems Multiple File Upload < 3.1.0 is vulnerable to Unrestricted File Upload. The... Moderate Unreviewed

CVE-2025-28168 was published May 5, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Skymoonlabs MoveTo.This issue... Critical Unreviewed

CVE-2024-25913 was published Feb 26, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in SYSBASICS WooCommerce Easy... Critical Unreviewed

CVE-2024-25925 was published Feb 26, 2024

An arbitrary file upload vulnerability in the apiImportLabs function in api_labs.php of EVE-NG 2... High Unreviewed

CVE-2022-31366 was published Oct 20, 2022

Unrestricted Upload of File with Dangerous Type vulnerability in JoomUnited WP Media folder.This... Critical Unreviewed

CVE-2024-25909 was published Feb 26, 2024

Deserialization of Untrusted Data in Gambio through 4.9.2.0 allows attackers to run arbitrary... Critical Unreviewed

CVE-2024-23759 was published Feb 13, 2024

Previous 1 2 3 4 5 … 99 100 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,500 advisories