Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,840
Erlang
36
GitHub Actions
33
Go
2,464
Maven
5,000+
npm
4,082
NuGet
723
pip
3,880
Pub
12
RubyGems
943
Rust
1,011
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,087 advisories

Loading
IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to... High Unreviewed
CVE-2025-36174 was published Aug 24, 2025
The vulnerability, if exploited, could allow an authenticated miscreant (with privileges to... High Unreviewed
CVE-2025-54460 was published Aug 21, 2025
Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows... High Unreviewed
CVE-2025-55383 was published Aug 21, 2025
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2025-6079 was published Aug 16, 2025
PHP Volunteer Management System v1.0.2 contains an arbitrary file upload vulnerability in its... High Unreviewed
CVE-2012-10056 was published Aug 13, 2025
Incomplete restriction of configuration in Ivanti Avalanche before version 6.4.8.8008 allows a... High Unreviewed
CVE-2025-8297 was published Aug 12, 2025
Sflog! CMS 1.0 contains an authenticated arbitrary file upload vulnerability in the blog... High Unreviewed
CVE-2012-10042 was published Aug 8, 2025
An unrestricted file upload vulnerability in Vedo Suite version 2024.17 allows remote... High Unreviewed
CVE-2025-51056 was published Aug 6, 2025
A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to... High Unreviewed
CVE-2025-50286 was published Aug 6, 2025
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-5061 was published Aug 5, 2025
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-6207 was published Aug 5, 2025
Emlog Pro V2.5.7 is vulnerable to Unrestricted Upload of File with Dangerous Type via /emlog... High Unreviewed
CVE-2025-44139 was published Aug 1, 2025
The BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images... High Unreviewed
CVE-2025-7443 was published Aug 1, 2025
The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2025-7847 was published Jul 31, 2025
The e-School from Ventem has a Arbitrary File Upload vulnerability, allowing unauthenticated... High Unreviewed
CVE-2025-8323 was published Jul 30, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on... High Unreviewed
CVE-2025-52449 was published Jul 25, 2025
The Droip plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type... High Unreviewed
CVE-2025-5831 was published Jul 25, 2025
The Responsive Thumbnail Slider plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed
CVE-2015-10144 was published Jul 25, 2025
A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the... High Unreviewed
CVE-2025-47187 was published Jul 23, 2025
In Pluck CMS 4.7.20-dev, an authenticated attacker can upload or create a crafted PHP file under... High Unreviewed
CVE-2025-46099 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... High Unreviewed
CVE-2025-54447 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... High Unreviewed
CVE-2025-54439 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... High Unreviewed
CVE-2025-54441 was published Jul 23, 2025
WinMatrix3 Web package developed by Simopro Technology has an Arbitrary File Upload vulnerability... High Unreviewed
CVE-2025-7917 was published Jul 21, 2025
CWE-434 Unrestricted Upload of File with Dangerous Type High Unreviewed
CVE-2025-46384 was published Jul 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database