Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

926 advisories

Loading
The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2024-10960 was published Feb 12, 2025
The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-13365 was published Feb 12, 2025
The WP Foodbakery plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2024-13011 was published Feb 10, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in InstaWP Team InstaWP Connect... Critical Unreviewed
CVE-2024-25918 was published Apr 3, 2024
In Code-projects Shopping Portal v1.0, the insert-product.php page has an arbitrary file upload... Critical Unreviewed
CVE-2024-57668 was published Feb 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page... Critical Unreviewed
CVE-2024-27951 was published Apr 3, 2024
The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-3962 was published Apr 26, 2024
Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to... Critical Unreviewed
CVE-2024-57968 was published Feb 3, 2025
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2024-2667 was published May 2, 2024
OpenPLC_V3 contains an arbitrary file upload vulnerability, which could be leveraged for... Critical Unreviewed
CVE-2025-1066 was published Feb 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited... Critical Unreviewed
CVE-2023-31090 was published Apr 24, 2024
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a... Critical Unreviewed
CVE-2021-40870 was published May 24, 2022
ChestnutCMS <=1.5.0 is vulnerable to File Upload via the Create template function. Critical Unreviewed
CVE-2024-57450 was published Feb 3, 2025
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload... Critical Unreviewed
CVE-2022-41352 was published Sep 27, 2022
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated... Critical Unreviewed
CVE-2022-26871 was published Mar 30, 2022
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A... Critical Unreviewed
CVE-2021-22005 was published May 24, 2022
The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2024-13448 was published Jan 28, 2025
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient... Critical Unreviewed
CVE-2025-0357 was published Jan 25, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic allows Upload a... Critical Unreviewed
CVE-2025-24650 was published Jan 24, 2025
An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file... Critical Unreviewed
CVE-2024-48760 was published Jan 15, 2025
Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to... Critical Unreviewed
CVE-2017-11357 was published May 14, 2022
Unrestricted Upload of File with Dangerous Type vulnerability in Innovative Solutions user files... Critical Unreviewed
CVE-2025-23953 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NgocCode WP Load Gallery allows... Critical Unreviewed
CVE-2025-23942 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Smallerik File Browser... Critical Unreviewed
CVE-2025-23918 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Multi Uploader for... Critical Unreviewed
CVE-2025-23921 was published Jan 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database