GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,059 advisories
Filter by severity
A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects...
High
Unreviewed
CVE-2024-1036
was published
Jan 30, 2024
A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects...
High
Unreviewed
CVE-2024-1034
was published
Jan 30, 2024
An arbitrary file upload vulnerability in LeptonCMS v7.0.0 allows authenticated attackers to...
High
Unreviewed
CVE-2024-24399
was published
Jan 25, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order...
High
Unreviewed
CVE-2024-22135
was published
Jan 24, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Product Import Export...
High
Unreviewed
CVE-2024-22152
was published
Jan 24, 2024
An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote...
High
Unreviewed
CVE-2023-52324
was published
Jan 23, 2024
DedeCMS 5.7.112 has a File Upload vulnerability via uploads/dede/module_upload.php.
High
Unreviewed
CVE-2024-22895
was published
Jan 22, 2024
A vulnerability has been found in Yunyou CMS up to 2.2.6 and classified as critical. This...
High
Unreviewed
CVE-2024-0648
was published
Jan 18, 2024
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an...
High
Unreviewed
CVE-2024-20272
was published
Jan 17, 2024
The My Account Page Editor WordPress plugin before 1.3.2 does not validate the profile picture to...
High
Unreviewed
CVE-2023-4536
was published
Jan 16, 2024
Theme Demo Import WordPress plugin before 1.1.1 does not validate the imported file, allowing...
High
Unreviewed
CVE-2022-1538
was published
Jan 16, 2024
An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate...
High
Unreviewed
CVE-2023-49257
was published
Jan 12, 2024
File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and...
High
Unreviewed
CVE-2023-46474
was published
Jan 12, 2024
The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file uploads due to...
High
Unreviewed
CVE-2023-6220
was published
Jan 11, 2024
The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file...
High
Unreviewed
CVE-2023-6558
was published
Jan 11, 2024
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2023-6636
was published
Jan 11, 2024
A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This...
High
Unreviewed
CVE-2024-0352
was published
Jan 10, 2024
The Ni Purchase Order(PO) For WooCommerce WordPress plugin through 1.2.1 does not validate logo...
High
Unreviewed
CVE-2023-5957
was published
Jan 8, 2024
The Essential Real Estate WordPress plugin before 4.4.0 does not prevent users with limited...
High
Unreviewed
CVE-2023-6140
was published
Jan 8, 2024
Online Notice Board System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'f'...
High
Unreviewed
CVE-2023-50760
was published
Jan 4, 2024
An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the...
High
Unreviewed
CVE-2023-50922
was published
Jan 3, 2024
HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web...
High
Unreviewed
CVE-2023-45724
was published
Jan 3, 2024
There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8,...
High
Unreviewed
CVE-2023-50038
was published
Dec 28, 2023
File Upload vulnerability in JIZHICMS v.2.5, allows remote attacker to execute arbitrary code via...
High
Unreviewed
CVE-2023-50692
was published
Dec 28, 2023
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not...
High
Unreviewed
CVE-2023-5931
was published
Dec 26, 2023
ProTip!
Advisories are also available from the
GraphQL API