GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,212

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,078 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code... Critical Unreviewed

CVE-2025-55835 was published Sep 12, 2025

The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to missing file type... Critical Unreviewed

CVE-2025-9113 was published Sep 8, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image... Critical Unreviewed

CVE-2025-58819 was published Sep 5, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Mojoomla School Management... Critical Unreviewed

CVE-2025-31100 was published Aug 31, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in add-ons.org Drag and Drop File... Critical Unreviewed

CVE-2025-49387 was published Aug 28, 2025

SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated... Critical Unreviewed

CVE-2025-53970 was published Aug 28, 2025

SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated... Critical Unreviewed

CVE-2025-54762 was published Aug 28, 2025

Dongsheng Logistics Software exposes an unauthenticated endpoint at /CommMng/Print/UploadMailFile... Critical Unreviewed

CVE-2025-34163 was published Aug 28, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in An-Themes Pin WP allows Upload a... Critical Unreviewed

CVE-2025-53251 was published Aug 21, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in vcita Online Booking &... Critical Unreviewed

CVE-2025-54677 was published Aug 20, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ReachShip... Critical Unreviewed

CVE-2025-53213 was published Aug 20, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for... Critical Unreviewed

CVE-2025-48148 was published Aug 20, 2025

The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to... Critical Unreviewed

CVE-2025-7441 was published Aug 16, 2025

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for... Critical Unreviewed

CVE-2025-54473 was published Aug 15, 2025

The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2025-6679 was published Aug 15, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in epiphyt Form Block allows Upload... Critical Unreviewed

CVE-2025-54693 was published Aug 14, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms allows Upload a... Critical Unreviewed

CVE-2025-24775 was published Aug 14, 2025

Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in... Critical Unreviewed

CVE-2012-10038 was published Aug 11, 2025

EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2012-10052 was published Aug 8, 2025

WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2012-10049 was published Aug 8, 2025

CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2012-10050 was published Aug 8, 2025

XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote... Critical Unreviewed

CVE-2012-10045 was published Aug 8, 2025

Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in... Critical Unreviewed

CVE-2012-10036 was published Aug 8, 2025

MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php... Critical Unreviewed

CVE-2012-10044 was published Aug 8, 2025

CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1 allow... Critical Unreviewed

CVE-2025-22470 was published Aug 6, 2025

Previous1…44 Next

Previous 1 2 3 4 5 … 43 44 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,078 advisories