GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
112 advisories
Filter by severity
A remote file inclusion (RFI) vulnerability in Simple College Website v1.0 allows attackers to...
Critical
Unreviewed
CVE-2022-40089
was published
Sep 23, 2022
PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0.
Critical
Unreviewed
CVE-2022-4446
was published
Dec 13, 2022
PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress prior to 1.3.
Critical
Unreviewed
CVE-2022-4606
was published
Dec 18, 2022
Cockpit PHP Remote File Inclusion vulnerability
Critical
CVE-2023-4195
was published
for
cockpit-hq/cockpit
(Composer)
Aug 6, 2023
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and...
Critical
Unreviewed
CVE-2023-3452
was published
Aug 12, 2023
Yii2 allows attackers to execute any local .php file via a relative path in the view parameter
Critical
CVE-2015-5467
was published
for
yiisoft/yii2
(Composer)
Sep 21, 2023
The Dropbox Folder Share for WordPress is vulnerable to Local File Inclusion in versions up to,...
Critical
Unreviewed
CVE-2023-4488
was published
Oct 20, 2023
The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is...
Critical
Unreviewed
CVE-2023-6989
was published
Feb 6, 2024
The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up...
Critical
Unreviewed
CVE-2024-2411
was published
Mar 29, 2024
Arbitrary file upload vulnerability in Sourcecodester Complete E-Commerce Site v1.0, allows...
Critical
Unreviewed
CVE-2024-30849
was published
Apr 5, 2024
The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up...
Critical
Unreviewed
CVE-2024-3136
was published
Apr 9, 2024
A Local File Inclusion (LFI) vulnerability exists in the parisneo/lollms-webui application,...
Critical
Unreviewed
CVE-2024-1600
was published
Apr 10, 2024
The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and...
Critical
Unreviewed
CVE-2024-3806
was published
May 14, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is /api/Cdn/GetFile local file...
Critical
Unreviewed
CVE-2024-33863
was published
May 14, 2024
The Penci Soledad Data Migrator plugin for WordPress is vulnerable to Local File Inclusion in all...
Critical
Unreviewed
CVE-2024-3551
was published
May 17, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical
Unreviewed
CVE-2024-35629
was published
Jun 4, 2024
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and...
Critical
Unreviewed
CVE-2024-4936
was published
Jun 14, 2024
The Where I Was, Where I Will Be plugin for WordPress is vulnerable to Remote File Inclusion in...
Critical
Unreviewed
CVE-2024-5577
was published
Jun 14, 2024
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is...
Critical
Unreviewed
CVE-2024-4258
was published
Jun 15, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical
Unreviewed
CVE-2024-43261
was published
Aug 19, 2024
The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly...
Critical
Unreviewed
CVE-2024-41925
was published
Oct 4, 2024
The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all...
Critical
Unreviewed
CVE-2024-10871
was published
Nov 9, 2024
The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion...
Critical
Unreviewed
CVE-2024-10571
was published
Nov 14, 2024
The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local...
Critical
Unreviewed
CVE-2024-12209
was published
Dec 8, 2024
The Store Locator for WordPress with Google Maps – LotsOfLocales plugin for WordPress is...
Critical
Unreviewed
CVE-2024-12571
was published
Dec 20, 2024
ProTip!
Advisories are also available from the
GraphQL API