GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,406
Composer 4,950
Erlang 39
GitHub Actions 38
Go 2,605
Maven 6,057
npm 4,250
NuGet 756
pip 4,016
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,192

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,123 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

PerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme function High Unreviewed

CVE-2025-60731 was published Oct 24, 2025

PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function High Unreviewed

CVE-2025-60735 was published Oct 24, 2025

The AIO Forms – Craft Complex Forms Easily plugin for WordPress is vulnerable to arbitrary file... High Unreviewed

CVE-2025-11889 was published Oct 24, 2025

QDocs Smart School Management System 7.1 allows authenticated users with roles such as ... High Unreviewed

CVE-2025-60500 was published Oct 21, 2025

The DocoDoco Store Locator plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-10754 was published Oct 15, 2025

The Demo Import Kit plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2025-10051 was published Oct 15, 2025

An arbitrary file write vulnerability exists in the web-based management interface of both the... High Unreviewed

CVE-2025-37132 was published Oct 14, 2025

Enterprise Cloud Database developed by Ragic has an Arbitrary File Upload vulnerability, allowing... High Unreviewed

CVE-2025-11675 was published Oct 13, 2025

The WP Dispatcher plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2025-9212 was published Oct 3, 2025

The AP Background plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2025-9561 was published Oct 3, 2025

Unrestricted file upload vulnerability in DocAve 6.13.2, Perimeter 1.12.3, Compliance Guardian 4... High Unreviewed

CVE-2025-10544 was published Sep 26, 2025

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-10747 was published Sep 26, 2025

Incorrect handling of uploaded files in the admin "Restore" function in Invoice Ninja <= 5.11.72... High Unreviewed

CVE-2025-10009 was published Sep 22, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and... High Unreviewed

CVE-2025-34195 was published Sep 19, 2025

The Embed PDF for WPForms plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-10647 was published Sep 19, 2025

An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit... High Unreviewed

CVE-2025-55912 was published Sep 18, 2025

The StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates,... High Unreviewed

CVE-2025-9216 was published Sep 17, 2025

by-night sms V1.0 has an Arbitrary File Upload vulnerability. The /api/sms/upload/headImg... High Unreviewed

CVE-2025-56263 was published Sep 16, 2025

code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload... High Unreviewed

CVE-2025-56295 was published Sep 16, 2025

An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite... High Unreviewed

CVE-2025-45586 was published Sep 12, 2025

A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and... High Unreviewed

CVE-2025-57642 was published Sep 10, 2025

The Responsive Filterable Portfolio plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed

CVE-2025-10049 was published Sep 10, 2025

The Import any XML, CSV or Excel File to WordPress plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-10001 was published Sep 10, 2025

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 Security Update 1 and... High Unreviewed

CVE-2025-9712 was published Sep 9, 2025

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 Security Update 1 and... High Unreviewed

CVE-2025-9872 was published Sep 9, 2025

Previous1…45 Next

Previous 1 2 3 4 5 … 44 45 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,123 advisories