Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,810
Erlang
36
GitHub Actions
31
Go
2,395
Maven
5,000+
npm
4,030
NuGet
720
pip
3,820
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,908 advisories

Loading
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management... Critical Unreviewed
CVE-2025-40599 was published Jul 23, 2025
In Pluck CMS 4.7.20-dev, an authenticated attacker can upload or create a crafted PHP file under... High Unreviewed
CVE-2025-46099 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... Critical Unreviewed
CVE-2025-54449 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... Critical Unreviewed
CVE-2025-54448 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... High Unreviewed
CVE-2025-54447 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... Critical Unreviewed
CVE-2025-54442 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... High Unreviewed
CVE-2025-54439 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... High Unreviewed
CVE-2025-54441 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... Critical Unreviewed
CVE-2025-54440 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... Critical Unreviewed
CVE-2025-54444 was published Jul 23, 2025
The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... Critical Unreviewed
CVE-2012-10020 was published Jul 22, 2025
The Website Contact Form With File Upload plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2015-10137 was published Jul 22, 2025
nova-tiptap has Unauthenticated Arbitrary File Upload Vulnerability Critical
CVE-2025-54082 was published for manogi/nova-tiptap (Composer) Jul 21, 2025
vintagesucks
Dell AppSync, version(s) 4.6.0.0, contains an Unrestricted Upload of File with Dangerous Type... Moderate Unreviewed
CVE-2025-32744 was published Jul 21, 2025
In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following... Critical Unreviewed
CVE-2025-44658 was published Jul 21, 2025
WinMatrix3 Web package developed by Simopro Technology has an Arbitrary File Upload vulnerability... High Unreviewed
CVE-2025-7917 was published Jul 21, 2025
CWE-434 Unrestricted Upload of File with Dangerous Type High Unreviewed
CVE-2025-46384 was published Jul 20, 2025
The Work The Flow File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2015-10138 was published Jul 19, 2025
The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2012-10019 was published Jul 19, 2025
The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2015-10135 was published Jul 19, 2025
The WP Mobile Detector plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2016-15043 was published Jul 19, 2025
simogeo/filemanager arbitrary file upload vulnerability Critical
CVE-2025-46001 was published for simogeo/filemanager (Composer) Jul 18, 2025
The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-7438 was published Jul 18, 2025
The WooCommerce Refund And Exchange with RMA - Warranty Management, Refund Policy, Manage User... Critical Unreviewed
CVE-2025-6222 was published Jul 18, 2025
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could... Moderate Unreviewed
CVE-2025-20274 was published Jul 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database