GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,092 advisories
Some versions of Hikvision's iSecure Center Product have an improper file upload control...
Critical | Unreviewed | CVE-2023-28814 was published Oct 17, 2025

The DocoDoco Store Locator plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2025-10754 was published Oct 15, 2025

The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical | Unreviewed | CVE-2025-10041 was published Oct 15, 2025

The Demo Import Kit plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-10051 was published Oct 15, 2025

SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet...
Critical | Unreviewed | CVE-2023-7305 was published Oct 15, 2025

An arbitrary file write vulnerability exists in the web-based management interface of both the...
High | Unreviewed | CVE-2025-37132 was published Oct 14, 2025

Due to missing verification of file type or content, SAP Supplier Relationship Management allows...
Critical | Unreviewed | CVE-2025-42910 was published Oct 14, 2025

Enterprise Cloud Database developed by Ragic has an Arbitrary File Upload vulnerability, allowing...
High | Unreviewed | CVE-2025-11675 was published Oct 13, 2025

A vulnerability was detected in ProjectsAndPrograms School Management System up to...
Moderate | Unreviewed | CVE-2025-11658 was published Oct 13, 2025

A flaw has been found in ProjectsAndPrograms School Management System up to...
Moderate | Unreviewed | CVE-2025-11659 was published Oct 13, 2025

A security vulnerability has been detected in ProjectsAndPrograms School Management System up to...
Moderate | Unreviewed | CVE-2025-11657 was published Oct 13, 2025

A weakness has been identified in ProjectsAndPrograms School Management System up to...
Moderate | Unreviewed | CVE-2025-11656 was published Oct 13, 2025

The Ovatheme Events Manager plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical | Unreviewed | CVE-2025-6553 was published Oct 11, 2025

A security vulnerability has been detected in code-projects Voting System 1.0. This affects an...
Moderate | Unreviewed | CVE-2025-11508 was published Oct 9, 2025

FlowiseAI/Flowise has File Upload vulnerability
High | CVE-2025-61687 was published for flowise (npm) Oct 8, 2025

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0....
Moderate | Unreviewed | CVE-2025-11426 was published Oct 8, 2025

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The...
Moderate | Unreviewed | CVE-2025-11398 was published Oct 7, 2025

A flaw has been found in code-projects Online Hotel Reservation System 1.0. Affected is an...
Moderate | Unreviewed | CVE-2025-11354 was published Oct 7, 2025

A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability...
Moderate | Unreviewed | CVE-2025-11347 was published Oct 7, 2025

The WP Dispatcher plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-9212 was published Oct 3, 2025

The AP Background plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-9561 was published Oct 3, 2025

Auth0 Symfony SDK Does Not Properly Handle File Types in Bulk User Import
Low | GHSA-7jp2-5h22-m432 was published for auth0/symfony (Composer) Oct 1, 2025

Auth0 Wordpress plugin Does Not Properly Handle File Types in Bulk User Import
Low | GHSA-w22c-pw5m-482x was published for auth0/wordpress (Composer) Oct 1, 2025

laravel-auth0 SDK Does Not Properly Handle File Types in Bulk User Import
Low | GHSA-hjfh-5jmm-xr24 was published for auth0/login (Composer) Oct 1, 2025

auth0-PHP SDK Does Not Properly Handle File Types in Bulk User Import
Low | CVE-2025-58769 was published for auth0/auth0-php (Composer) Oct 1, 2025