GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,062 advisories
File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote...
High severity, unreviewed: CVE-2024-37868 was published Oct 4, 2024
This vulnerability exists in the Shilpi Client Dashboard due to improper validation of files...
High severity, unreviewed: CVE-2024-47655 was published Oct 4, 2024
The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High severity, unreviewed: CVE-2024-7855 was published Oct 2, 2024
An arbitrary file upload vulnerability in YPay 1.2.0 allows attackers to execute arbitrary code...
High severity, unreviewed: CVE-2024-46441 was published Sep 27, 2024
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the ...
High severity, unreviewed: CVE-2024-8126 was published Sep 26, 2024
File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary...
High severity, unreviewed: CVE-2023-26690 was published Sep 25, 2024
An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology...
High severity, unreviewed: CVE-2024-40125 was published Sep 19, 2024
Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend.
High severity, unreviewed: CVE-2024-46373 was published Sep 18, 2024
Contao affected by remote command execution through file upload
High severity: CVE-2024-45398 was published for contao/core-bundle (Composer) Sep 17, 2024
SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload...
High severity, unreviewed: CVE-2024-8232 was published Sep 10, 2024
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows...
High severity, unreviewed: CVE-2024-44871 was published Sep 10, 2024
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin...
High severity, unreviewed: CVE-2024-7770 was published Sep 10, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user...
High severity, unreviewed: CVE-2024-45171 was published Sep 5, 2024
MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution.
High severity, unreviewed: CVE-2024-42991 was published Sep 3, 2024
6SHR system from Gether Technology does not properly validate uploaded file types, allowing...
High severity, unreviewed: CVE-2024-8330 was published Aug 30, 2024
The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High severity, unreviewed: CVE-2024-6311 was published Aug 28, 2024
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™...
High severity, unreviewed: CVE-2024-7987 was published Aug 26, 2024
publiccms V4.0.202302.e and before is vulnerable to Any File Upload via publiccms/admin...
High severity, unreviewed: CVE-2024-42523 was published Aug 23, 2024
Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin...
High severity, unreviewed: CVE-2024-42767 was published Aug 22, 2024
The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress...
High severity, unreviewed: CVE-2024-7384 was published Aug 22, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_playlist" in...
High severity, unreviewed: CVE-2024-42778 was published Aug 21, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_genre" in...
High severity, unreviewed: CVE-2024-42780 was published Aug 21, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_music" in...
High severity, unreviewed: CVE-2024-42779 was published Aug 21, 2024
The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress is vulnerable...
High severity, unreviewed: CVE-2022-1206 was published Aug 20, 2024
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload...
High severity, unreviewed: CVE-2023-0714 was published Aug 17, 2024