GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,373 advisories
UliCMS 2023.1-sniffing-vicuna contains a remote code execution vulnerability that allows...
High | Unreviewed | CVE-2023-53924 was published Dec 18, 2025
SitemagicCMS 4.4.3 contains a remote code execution vulnerability that allows attackers to upload...
High | Unreviewed | CVE-2023-53921 was published Dec 18, 2025
Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2023-53892 was published Dec 15, 2025
WBCE CMS version 1.6.2 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2024-58283 was published Dec 11, 2025
WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to...
High | Unreviewed | CVE-2023-53869 was published Dec 15, 2025
An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8...
High | Unreviewed | CVE-2025-65471 was published Dec 11, 2025
WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability...
High | Unreviewed | CVE-2025-34506 was published Dec 12, 2025
FNT Command 13.4.0 is vulnerable to Directory Traversal.
High | Unreviewed | CVE-2024-44599 was published Dec 15, 2025
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module.
High | Unreviewed | CVE-2024-44598 was published Dec 15, 2025
The WP3D Model Import Viewer plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2025-13094 was published Dec 13, 2025
An exploitable remote code execution vulnerability exists in the upload.cgi functionality of...
High | Unreviewed | CVE-2018-4063 was published May 24, 2022
The Infility Global plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-12968 was published Dec 12, 2025
ElkArte Forum 1.1.9 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2024-58295 was published Dec 12, 2025
LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the...
High | Unreviewed | CVE-2025-56704 was published Dec 9, 2025
Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command...
High | Unreviewed | CVE-2020-36882 was published Dec 5, 2025
The Video Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in version <=...
High | Unreviewed | CVE-2025-14390 was published Dec 10, 2025
The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An...
High | Unreviewed | CVE-2025-65806 was published Dec 4, 2025
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2025-12966 was published Dec 6, 2025
The Starter Templates plugin for WordPress is vulnerable to arbitrary file upload in all versions...
High | Unreviewed | CVE-2025-13065 was published Dec 6, 2025
The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-12181 was published Dec 5, 2025
The Featured Image via URL plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2025-12153 was published Dec 5, 2025
The Demo Importer Plus plugin for WordPress is vulnerable to arbitrary file upload in all...
High | Unreviewed | CVE-2025-13066 was published Dec 5, 2025
The Auto Thumbnailer plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-12154 was published Dec 5, 2025
The PostGallery plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect...
High | Unreviewed | CVE-2025-13543 was published Dec 4, 2025
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated...
High | Unreviewed | CVE-2021-26828 was published May 24, 2022