Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,944 advisories

Loading
The Enable SVG, WebP, and ICO Upload plugin for WordPress is vulnerable to arbitrary file upload... High Unreviewed
CVE-2025-13069 was published Nov 18, 2025
Unlimited upload vulnerability for dangerous file types in WinPlus v24.11.27 from Informática del... High Unreviewed
CVE-2025-41347 was published Nov 18, 2025
The WP Dropzone plugin for WordPress is vulnerable to authenticated arbitrary file upload in all... High Unreviewed
CVE-2025-12775 was published Nov 18, 2025
The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions... High Unreviewed
CVE-2025-12528 was published Nov 18, 2025
The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2025-12974 was published Nov 18, 2025
QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment"... High Unreviewed
CVE-2025-63748 was published Nov 17, 2025
A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this... Moderate Unreviewed
CVE-2025-13238 was published Nov 16, 2025
A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an... Moderate Unreviewed
CVE-2025-13185 was published Nov 14, 2025
A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af.... Moderate Unreviewed
CVE-2025-9800 was published Nov 14, 2025
A vulnerability was found in Alaga Home Security WiFi Camera 3K (model S-CW2503C-H) with hardware... Moderate Unreviewed
CVE-2025-55810 was published Nov 13, 2025
A vulnerability was detected in itsourcecode Online Voting System 1.0. This impacts an unknown... Moderate Unreviewed
CVE-2025-13061 was published Nov 12, 2025
An arbitrary file upload vulnerability was reported in the Lenovo Scanner Pro client during an... High Unreviewed
CVE-2025-12048 was published Nov 12, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz. This issue... High Unreviewed
CVE-2025-59118 was published Nov 12, 2025
Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version... Low Unreviewed
CVE-2025-24862 was published Nov 11, 2025
The Blocksy Companion plugin for WordPress is vulnerable to authenticated arbitrary file upload... High Unreviewed
CVE-2025-12846 was published Nov 11, 2025
The WP移行専用プラグイン for CPI plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2025-11170 was published Nov 11, 2025
Migration Workbench (DX Workbench) in SAP NetWeaver Application Server for ABAP fails to trigger... Low Unreviewed
CVE-2025-42883 was published Nov 11, 2025
Employee Records System version 1.0 contains an unrestricted file upload vulnerability that... Critical Unreviewed
CVE-2021-4462 was published Nov 11, 2025
An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple... Low Unreviewed
CVE-2025-63678 was published Nov 11, 2025
EIP Plus developed by Hundred Plus has an Arbitrary File Uplaod vulnerability, allowing... High Unreviewed
CVE-2025-12867 was published Nov 10, 2025
The Alex Reservations: Smart Restaurant Booking plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2025-12399 was published Nov 8, 2025
The Mail Mint plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2025-11967 was published Nov 8, 2025
The Smart Auto Upload Images plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-12161 was published Nov 8, 2025
A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by... Moderate Unreviewed
CVE-2025-12862 was published Nov 7, 2025
Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated... Critical Unreviewed
CVE-2025-34299 was published Nov 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database