GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,760 advisories
The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to arbitrary...
Critical | Unreviewed | CVE-2025-4389 was published May 17, 2025

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due...
Critical | Unreviewed | CVE-2025-4391 was published May 17, 2025

The 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin for WordPress is vulnerable to arbitrary file uploads due...
Critical | Unreviewed | CVE-2025-3917 was published May 15, 2025

The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type...
High | Unreviewed | CVE-2025-4317 was published May 13, 2025

The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with...
High | Unreviewed | CVE-2025-4561 was published May 12, 2025

The web management interface of Okcat Parking Management Platform from ZONG YU has an Arbitrary...
Critical | Unreviewed | CVE-2025-4556 was published May 12, 2025

SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via...
Critical | Unreviewed | CVE-2025-46193 was published May 9, 2025

A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been...
Moderate | Unreviewed | CVE-2025-4468 was published May 9, 2025

The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to...
Critical | Unreviewed | CVE-2025-4403 was published May 9, 2025

The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is...
High | Unreviewed | CVE-2025-3455 was published May 9, 2025

The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
Critical | Unreviewed | CVE-2024-11617 was published May 9, 2025

Grocery-CMS-PHP-Restful-API v1.3 is vulnerable to File Upload via /admin/add-category.php.
Critical | Unreviewed | CVE-2023-31585 was published May 8, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio allows Upload...
Moderate | Unreviewed | CVE-2025-47550 was published May 7, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a...
Critical | Unreviewed | CVE-2025-47549 was published May 7, 2025

Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated...
Critical | Unreviewed | CVE-2025-40625 was published May 6, 2025

A vulnerability classified as critical has been found in itsourcecode Content Management System 1...
Moderate | Unreviewed | CVE-2025-4310 was published May 6, 2025

The External image replace plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2025-4279 was published May 5, 2025

Outsystems Multiple File Upload < 3.1.0 is vulnerable to Unrestricted File Upload. The...
Moderate | Unreviewed | CVE-2025-28168 was published May 5, 2025

October CMS Allows Unprotected SVG Rename in Media Manager
Low | CVE-2024-51991 was published for october/october (Composer) May 5, 2025

Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a...
High | Unreviewed | CVE-2024-13418 was published May 2, 2025

Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript...
Moderate | Unreviewed | CVE-2024-11390 was published May 1, 2025

Unrestricted file upload in Kibana allows an authenticated attacker to compromise software...
Moderate | Unreviewed | CVE-2025-25016 was published May 1, 2025

Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and...
Moderate | Unreviewed | CVE-2022-27562 was published Apr 30, 2025

Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and...
Moderate | Unreviewed | CVE-2022-42449 was published Apr 30, 2025

ShowDoc unrestricted file upload vulnerability
Critical | CVE-2025-0520 was published for showdoc/showdoc (Composer) Apr 29, 2025