Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,726
Maven
5,000+
npm
4,331
NuGet
763
pip
4,107
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,222 advisories

Loading
Unrestricted Upload of File with Dangerous Type vulnerability in Plugify Helpdesk Support Ticket... Critical Unreviewed
CVE-2025-60235 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Helmut Wandl Advanced Settings... Critical Unreviewed
CVE-2025-58996 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in borisolhor Drop Uploader for CF7... Critical Unreviewed
CVE-2025-53283 was published Nov 6, 2025
An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient... High Unreviewed
CVE-2025-10907 was published Nov 5, 2025
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker... Moderate Unreviewed
CVE-2025-20375 was published Nov 5, 2025
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker... Moderate Unreviewed
CVE-2025-20376 was published Nov 5, 2025
A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could... Critical Unreviewed
CVE-2025-20354 was published Nov 5, 2025
Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an... Critical Unreviewed
CVE-2025-63601 was published Nov 5, 2025
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input... Moderate Unreviewed
CVE-2025-3125 was published Nov 5, 2025
The KiotViet Sync plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2025-12674 was published Nov 5, 2025
The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript... Critical Unreviewed
CVE-2025-12682 was published Nov 4, 2025
The EM Beer Manager plugin for WordPress is vulnerable to arbitrary file upload leading to remote... High Unreviewed
CVE-2025-11724 was published Nov 4, 2025
Arbitrary code execution is possible due to improper validation of the file upload functionality... High Unreviewed
CVE-2025-48396 was published Nov 3, 2025
A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The... Moderate Unreviewed
CVE-2025-12593 was published Nov 2, 2025
The RESTful Content Syndication plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed
CVE-2025-12171 was published Nov 1, 2025
The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for... High Unreviewed
CVE-2025-11755 was published Nov 1, 2025
The Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent plugin for... Critical Unreviewed
CVE-2025-11499 was published Nov 1, 2025
Nagios XI versions prior to 5.7.2 allow PHP files to be uploaded to the Audio Import directory... High Unreviewed
CVE-2020-36863 was published Oct 31, 2025
DNN Insufficient Access Control - Image Upload allows for Site Content Overwrite Critical
CVE-2025-64095 was published for DNN.PLATFORM (NuGet) Oct 29, 2025
bdukes valadas
Credited to bdukes and valadas
DNN CKEditor Provider allows unauthenticated upload out-of-the-box Moderate
CVE-2025-62802 was published for Dnn.Platform (NuGet) Oct 29, 2025
r90727 bdukes
donker david-poindexter mitchelsellers
Credited to r90727, bdukes, donker, david-poindexter, and mitchelsellers
A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue... Moderate Unreviewed
CVE-2025-12378 was published Oct 28, 2025
A flaw has been found in MaxSite CMS up to 109. This issue affects some unknown processing of the... Moderate Unreviewed
CVE-2025-12347 was published Oct 28, 2025
A vulnerability was detected in MaxSite CMS up to 109. This vulnerability affects unknown code of... Moderate Unreviewed
CVE-2025-12346 was published Oct 28, 2025
A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the... Moderate Unreviewed
CVE-2025-12331 was published Oct 28, 2025
A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0.... Moderate Unreviewed
CVE-2025-12301 was published Oct 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database