Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,062 advisories

Loading
OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory,... High Unreviewed
CVE-2024-27903 was published Jul 8, 2024
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6319 was published Jul 4, 2024
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6318 was published Jul 4, 2024
yt-dlp File system modification and RCE through improper file-extension sanitization High
CVE-2024-38519 was published for yt-dlp (pip) Jul 2, 2024
pukkandan JarLob
Grub4K
CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type... High Unreviewed
CVE-2024-3123 was published Jul 1, 2024
A vulnerability has been found in itsourcecode Online Food Ordering System up to 1.0 and... High Unreviewed
CVE-2024-6373 was published Jun 27, 2024
In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain... High Unreviewed
CVE-2024-5008 was published Jun 25, 2024
An authenticated user can upload arbitrary files in the upload function for collection preview... High Unreviewed
CVE-2024-28147 was published Jun 20, 2024
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-2381 was published Jun 19, 2024
Dolibarr arbitrary file upload vulnerability High
CVE-2024-37821 was published for dolibarr/dolibarr (Composer) Jun 18, 2024
A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online... High Unreviewed
CVE-2024-6116 was published Jun 18, 2024
A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation... High Unreviewed
CVE-2024-6115 was published Jun 18, 2024
A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online... High Unreviewed
CVE-2024-6114 was published Jun 18, 2024
A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1... High Unreviewed
CVE-2024-6110 was published Jun 18, 2024
The upload functionality of ASUS Download Master does not properly filter user input. Remote... High Unreviewed
CVE-2024-31161 was published Jun 14, 2024
Verint - CWE-434: Unrestricted Upload of File with Dangerous Type High Unreviewed
CVE-2024-36396 was published Jun 13, 2024
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an... High Unreviewed
CVE-2024-34110 was published Jun 13, 2024
Duplicate Advisory: aimeos-core arbitrary file upload vulnerability High
CVE-2024-36811 was published for aimeos/aimeos-core (Composer) Jun 7, 2024 withdrawn
aimeos
TYPO3 Arbitrary Code Execution via File List Module High
GHSA-8h4m-r4wm-xj7r was published for typo3/cms (Composer) Jun 7, 2024
An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute... High Unreviewed
CVE-2024-36774 was published Jun 7, 2024
An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x... High Unreviewed
CVE-2024-29848 was published May 31, 2024
An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a... High Unreviewed
CVE-2024-22060 was published May 31, 2024
TYPO3 Arbitrary Code Execution via File List Module High
GHSA-f9hr-7cfq-mjg2 was published for typo3/cms-core (Composer) May 30, 2024
silverstripe/framework allows upload of dangerous file types High
GHSA-vcg6-8fxc-x5cq was published for silverstripe/framework (Composer) May 27, 2024
A vulnerability classified as critical has been found in SourceCodester Student Management System... High Unreviewed
CVE-2024-5047 was published May 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database