GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,587
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,170
npm 3,704
NuGet 661
pip 3,332
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,205

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

26 advisories

Filter by severity

Sort by

Least recently updated

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-52381 was published Nov 14, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-50497 was published Oct 28, 2024

The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion... High Unreviewed

CVE-2024-10436 was published Oct 29, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-50435 was published Oct 28, 2024

: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-50457 was published Oct 28, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-50434 was published Oct 28, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-50436 was published Oct 28, 2024

The WordPress Post Grid Layouts with Pagination – Sogrid plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-8392 was published Oct 26, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-49690 was published Oct 23, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-49701 was published Oct 23, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-49243 was published Oct 18, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-49317 was published Oct 17, 2024

The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing... High Unreviewed

CVE-2024-9981 was published Oct 15, 2024

: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-49251 was published Oct 16, 2024

: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-48029 was published Oct 16, 2024

A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a... High Unreviewed

CVE-2023-52325 was published Jan 23, 2024

The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,... High Unreviewed

CVE-2024-8252 was published Aug 30, 2024

Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2024-5762 was published Aug 21, 2024

This High severity File Inclusion vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9... High Unreviewed

CVE-2024-21687 was published Jul 16, 2024

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Local File Inclusion... High Unreviewed

CVE-2024-6589 was published Jul 25, 2024

Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via... High Unreviewed

CVE-2024-36569 was published Jun 3, 2024

The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request... High Unreviewed

CVE-2023-2249 was published Jun 9, 2023

The Grid Plus plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and... High Unreviewed

CVE-2023-5250 was published Oct 30, 2023

The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution... High Unreviewed

CVE-2023-5199 was published Oct 30, 2023

The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in... High Unreviewed

CVE-2023-5099 was published Oct 31, 2023

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26 advisories