GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,738
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress prior to 1.3.
Critical
Unreviewed
CVE-2022-4606
was published
Dec 18, 2022
Cockpit PHP Remote File Inclusion vulnerability
Critical
CVE-2023-4195
was published
for
cockpit-hq/cockpit
(Composer)
Aug 6, 2023
Yii2 allows attackers to execute any local .php file via a relative path in the view parameter
Critical
CVE-2015-5467
was published
for
yiisoft/yii2
(Composer)
Sep 21, 2023
PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0.
Critical
Unreviewed
CVE-2022-4446
was published
Dec 13, 2022
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and...
Critical
Unreviewed
CVE-2023-3452
was published
Aug 12, 2023
A Local File Inclusion (LFI) vulnerability exists in the parisneo/lollms-webui application,...
Critical
Unreviewed
CVE-2024-1600
was published
Apr 10, 2024
The Dropbox Folder Share for WordPress is vulnerable to Local File Inclusion in versions up to,...
Critical
Unreviewed
CVE-2023-4488
was published
Oct 20, 2023
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical
Unreviewed
CVE-2024-35629
was published
Jun 4, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is /api/Cdn/GetFile local file...
Critical
Unreviewed
CVE-2024-33863
was published
May 14, 2024
Arbitrary file upload vulnerability in Sourcecodester Complete E-Commerce Site v1.0, allows...
Critical
Unreviewed
CVE-2024-30849
was published
Apr 5, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Critical
Unreviewed
CVE-2024-43261
was published
Aug 19, 2024
The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly...
Critical
Unreviewed
CVE-2024-41925
was published
Oct 4, 2024
The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all...
Critical
Unreviewed
CVE-2024-10871
was published
Nov 9, 2024
The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion...
Critical
Unreviewed
CVE-2024-10571
was published
Nov 14, 2024
The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local...
Critical
Unreviewed
CVE-2024-12209
was published
Dec 8, 2024
The Store Locator for WordPress with Google Maps – LotsOfLocales plugin for WordPress is...
Critical
Unreviewed
CVE-2024-12571
was published
Dec 20, 2024
ProTip!
Advisories are also available from the
GraphQL API