GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,046
Composer 4,313
Erlang 31
GitHub Actions 21
Go 2,072
Maven 5,247
npm 3,744
NuGet 669
pip 3,433
Pub 12
RubyGems 892
Rust 880
Swift 37

Unreviewed advisories

All unreviewed 240,817

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

902 advisories

Filter by severity

Sort by

Least recently updated

The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file uploads due to a... Critical Unreviewed

CVE-2024-7772 was published Sep 26, 2024

Vulnerability in the Scriptcase application version 9.4.019, which involves the arbitrary upload... Critical Unreviewed

CVE-2024-8940 was published Sep 25, 2024

File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary... Critical Unreviewed

CVE-2023-26686 was published Sep 25, 2024

GDidees CMS <= v3.9.1 has a file upload vulnerability. Critical Unreviewed

CVE-2024-46101 was published Sep 20, 2024

Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2024-46377 was published Sep 18, 2024

A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online... Critical Unreviewed

CVE-2024-27115 was published Sep 11, 2024

Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in... Critical Unreviewed

CVE-2024-44849 was published Sep 9, 2024

File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of... Critical Unreviewed

CVE-2024-8463 was published Sep 5, 2024

IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute... Critical Unreviewed

CVE-2024-45076 was published Sep 4, 2024

An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=signup" of... Critical Unreviewed

CVE-2024-42777 was published Aug 21, 2024

An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary... Critical Unreviewed

CVE-2024-42563 was published Aug 20, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows... Critical Unreviewed

CVE-2024-43249 was published Aug 19, 2024

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Critical Unreviewed

CVE-2024-39397 was published Aug 14, 2024

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter,... Critical Unreviewed

CVE-2024-7732 was published Aug 14, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in BerqWP allows Code Injection... Critical Unreviewed

CVE-2024-43160 was published Aug 13, 2024

An arbitrary file upload vulnerability in the Ueditor component of productinfoquick v1.0 allows... Critical Unreviewed

CVE-2024-41577 was published Aug 12, 2024

A Unrestricted upload of file with dangerous type vulnerability in meeting management function in... Critical Unreviewed

CVE-2024-6117 was published Aug 5, 2024

The YayExtra – WooCommerce Extra Product Options plugin for WordPress is vulnerable to arbitrary... Critical Unreviewed

CVE-2024-7257 was published Aug 3, 2024

The 简数采集器 (Keydatas) plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2024-6220 was published Jul 17, 2024

Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an... Critical Unreviewed

CVE-2024-40394 was published Jul 16, 2024

File Upload vulnerability in Nanjin Xingyuantu Technology Co Sparkshop (Spark Mall B2C Mall v.1.1... Critical Unreviewed

CVE-2024-40425 was published Jul 16, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Realtyna Realtyna Organic IDX... Critical Unreviewed

CVE-2024-38736 was published Jul 12, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in SpreadsheetConverter Import... Critical Unreviewed

CVE-2024-38734 was published Jul 12, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Automattic Newspack Blocks... Critical Unreviewed

CVE-2024-37424 was published Jul 9, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in WPZita Zita Elementor Site... Critical Unreviewed

CVE-2024-37420 was published Jul 9, 2024

Previous 1 2 3 4 5 6 7 8 … 36 37 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

902 advisories