Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,595 advisories

Loading
In Code-projects Shopping Portal v1.0, the insert-product.php page has an arbitrary file upload... Critical Unreviewed
CVE-2024-57668 was published Feb 6, 2025
OpenPLC_V3 contains an arbitrary file upload vulnerability, which could be leveraged for... Critical Unreviewed
CVE-2025-1066 was published Feb 6, 2025
The Contact Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2025-1028 was published Feb 5, 2025
Cockpit Arbitrary File Upload High
CVE-2025-1025 was published for cockpit-hq/cockpit (Composer) Feb 5, 2025
The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated... High Unreviewed
CVE-2024-13723 was published Feb 5, 2025
Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to... Critical Unreviewed
CVE-2024-57968 was published Feb 3, 2025
ChestnutCMS <=1.5.0 is vulnerable to File Upload via the Create template function. Critical Unreviewed
CVE-2024-57450 was published Feb 3, 2025
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command... High Unreviewed
CVE-2025-24505 was published Jan 30, 2025
DevDojo Voyager Arbitrary File Write Moderate
CVE-2024-55417 was published for tcg/voyager (Composer) Jan 30, 2025
The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2024-13448 was published Jan 28, 2025
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient... Critical Unreviewed
CVE-2025-0357 was published Jan 25, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic allows Upload a... Critical Unreviewed
CVE-2025-24650 was published Jan 24, 2025
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating... High Unreviewed
CVE-2024-40693 was published Jan 24, 2025
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating... High Unreviewed
CVE-2024-25034 was published Jan 24, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NgocCode WP Load Gallery allows... Critical Unreviewed
CVE-2025-23942 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Innovative Solutions user files... Critical Unreviewed
CVE-2025-23953 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Multi Uploader for... Critical Unreviewed
CVE-2025-23921 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Smallerik File Browser... Critical Unreviewed
CVE-2025-23918 was published Jan 22, 2025
The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due... Critical Unreviewed
CVE-2024-13091 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Fancy Product Designer.... Critical Unreviewed
CVE-2024-51919 was published Jan 21, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in UkrSolution Barcode Scanner with... Critical Unreviewed
CVE-2025-22723 was published Jan 21, 2025
A vulnerability classified as critical was found in itsourcecode Farm Management System up to 1.0... Moderate Unreviewed
CVE-2025-0582 was published Jan 20, 2025
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-13333 was published Jan 17, 2025
An issue in themesebrand Chatvia v.5.3.2 allows a remote attacker to execute arbitrary code via... Moderate Unreviewed
CVE-2024-40513 was published Jan 17, 2025
Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders Moderate
CVE-2024-56515 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database