GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,434
Composer 4,826
Erlang 36
GitHub Actions 32
Go 2,426
Maven 5,833
npm 4,058
NuGet 723
pip 3,848
Pub 12
RubyGems 934
Rust 1,006
Swift 38

Unreviewed advisories

All unreviewed 265,053

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,947 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2012-10052 was published Aug 8, 2025

XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote... Critical Unreviewed

CVE-2012-10045 was published Aug 8, 2025

CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2012-10050 was published Aug 8, 2025

WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2012-10049 was published Aug 8, 2025

Sflog! CMS 1.0 contains an authenticated arbitrary file upload vulnerability in the blog... High Unreviewed

CVE-2012-10042 was published Aug 8, 2025

Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in... Critical Unreviewed

CVE-2012-10036 was published Aug 8, 2025

MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php... Critical Unreviewed

CVE-2012-10044 was published Aug 8, 2025

In Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to... Moderate Unreviewed

CVE-2025-55135 was published Aug 7, 2025

An unrestricted file upload vulnerability in Vedo Suite version 2024.17 allows remote... High Unreviewed

CVE-2025-51056 was published Aug 6, 2025

A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to... High Unreviewed

CVE-2025-50286 was published Aug 6, 2025

CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1 allow... Critical Unreviewed

CVE-2025-22470 was published Aug 6, 2025

File upload vulnerability in Writebot AI Content Generator SaaS React Template thru 4.0.0,... Moderate Unreviewed

CVE-2025-52078 was published Aug 5, 2025

Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbitrary file upload... Critical Unreviewed

CVE-2013-10067 was published Aug 5, 2025

An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The... Critical Unreviewed

CVE-2013-10066 was published Aug 5, 2025

The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary... Critical Unreviewed

CVE-2012-10026 was published Aug 5, 2025

WP-Property plugin for WordPress through version 1.35.0 contains an unauthenticated file upload... Critical Unreviewed

CVE-2012-10027 was published Aug 5, 2025

The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-5061 was published Aug 5, 2025

The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-6207 was published Aug 5, 2025

An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code... Critical Unreviewed

CVE-2025-52239 was published Aug 4, 2025

An unauthenticated arbitrary file upload vulnerability exists in LibrettoCMS version 1.1.7 (and... Critical Unreviewed

CVE-2013-10054 was published Aug 4, 2025

/edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows authenticated users to upload... Moderate Unreviewed

CVE-2025-54962 was published Aug 4, 2025

An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and... Critical Unreviewed

CVE-2013-10055 was published Aug 1, 2025

An unrestricted file upload vulnerability exists in MiniWeb HTTP Server <= Build 300 that allows... Critical Unreviewed

CVE-2013-10047 was published Aug 1, 2025

Emlog Pro V2.5.7 is vulnerable to Unrestricted Upload of File with Dangerous Type via /emlog... High Unreviewed

CVE-2025-44139 was published Aug 1, 2025

The BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images... High Unreviewed

CVE-2025-7443 was published Aug 1, 2025

Previous 1 2 3 4 5 … 117 118 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,947 advisories