GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,551 advisories
Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List...
Critical | Unreviewed | CVE-2025-22782 was published Jan 15, 2025

File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was...
Critical | Unreviewed | CVE-2024-56828 was published Jan 6, 2025

Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and...
High | Unreviewed | CVE-2024-13171 was published Jan 14, 2025

The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin...
High | Unreviewed | CVE-2025-0394 was published Jan 14, 2025

SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting...
Moderate | Unreviewed | CVE-2025-0057 was published Jan 14, 2025

Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload...
Critical | Unreviewed | CVE-2024-46479 was published Jan 13, 2025

An arbitrary file upload vulnerability in /admin/upgrade of CSZ CMS v1.3.0 allows attackers to...
Critical | Unreviewed | CVE-2024-25414 was published Feb 16, 2024

HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts...
Low | Unreviewed | CVE-2024-42180 was published Jan 13, 2025

A vulnerability was found in Campcodes Project Management System 1.0. It has been declared as...
Moderate | Unreviewed | CVE-2025-0213 was published Jan 4, 2025

A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This...
Moderate | Unreviewed | CVE-2024-13138 was published Jan 5, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in jumpdemand 4ECPS Web Forms...
Critical | Unreviewed | CVE-2025-22504 was published Jan 9, 2025

The <redacted>.exe or <redacted>.exe CGI binary can be used to upload arbitrary files to /tmp...
Moderate | Unreviewed | CVE-2024-43662 was published Jan 9, 2025

An authenticated arbitrary file upload vulnerability in the component /module_admin/upload.php of...
High | Unreviewed | CVE-2024-53564 was published Dec 2, 2024

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to limited file...
High | Unreviewed | CVE-2024-1567 was published May 2, 2024

ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass
High | CVE-2024-29891 was published for github.com/zitadel/zitadel (Go) Mar 28, 2024

An issue was discovered in Ovidentia 8.3. The file upload feature does not prevent the uploading...
Critical | Unreviewed | CVE-2022-41573 was published Jan 7, 2025

The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2024-12854 was published Jan 8, 2025

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2024-12853 was published Jan 8, 2025

An authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3...
High | Unreviewed | CVE-2024-53345 was published Jan 7, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGlow JobBoard Job listing...
Critical | Unreviewed | CVE-2024-43243 was published Jan 7, 2025

An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity...
Unknown | Unreviewed | CVE-2025-22389 was published Jan 4, 2025

An arbitrary file upload vulnerability in the component /adminUser/updateImg of WukongCRM-11.0...
Critical | Unreviewed | CVE-2024-55078 was published Jan 3, 2025

Apache Struts file upload logic is flawed
Critical | CVE-2024-53677 was published for org.apache.struts:struts2-core (Maven) Dec 11, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Beee ACF City Selector allows...
Moderate | Unreviewed | CVE-2024-56264 was published Jan 2, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Webdeclic WPMasterToolKit allows...
Critical | Unreviewed | CVE-2024-56249 was published Jan 2, 2025