GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,082
Maven
5,000+
npm
3,747
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
905 advisories
Filter by severity
Unrestricted Upload of File with Dangerous Type vulnerability in SpreadsheetConverter Import...
Critical
Unreviewed
CVE-2024-38734
was published
Jul 12, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Automattic Newspack Blocks...
Critical
Unreviewed
CVE-2024-37424
was published
Jul 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WPZita Zita Elementor Site...
Critical
Unreviewed
CVE-2024-37420
was published
Jul 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Andy Moyle Church Admin allows...
Critical
Unreviewed
CVE-2024-37418
was published
Jul 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in ZealousWeb Generate PDF using...
Critical
Unreviewed
CVE-2024-37555
was published
Jul 9, 2024
MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to...
Critical
Unreviewed
CVE-2024-37762
was published
Jul 2, 2024
Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web...
Critical
Unreviewed
CVE-2024-5827
was published
Jun 29, 2024
An arbitrary file upload vulnerability in /fileupload/upload.cfm in Daemon PTY Limited FarCry...
Critical
Unreviewed
CVE-2024-35527
was published
Jun 26, 2024
An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow...
Critical
Unreviewed
CVE-2024-4197
was published
Jun 25, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows...
Critical
Unreviewed
CVE-2024-35767
was published
Jun 21, 2024
The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table...
Critical
Unreviewed
CVE-2023-45197
was published
Jun 21, 2024
In the module "JA Marketplace" (jamarketplace) up to version 9.0.1 from JA Module for PrestaShop,...
Critical
Unreviewed
CVE-2024-33836
was published
Jun 19, 2024
In the module "Help Desk - Customer Support Management System" (helpdesk) up to version 2.4.0...
Critical
Unreviewed
CVE-2024-34990
was published
Jun 19, 2024
Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload...
Critical
Unreviewed
CVE-2024-34833
was published
Jun 17, 2024
Certain models of ASUS routers have an arbitrary firmware upload vulnerability. An...
Critical
Unreviewed
CVE-2024-3912
was published
Jun 14, 2024
File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary...
Critical
Unreviewed
CVE-2024-31777
was published
Jun 14, 2024
Arbitrary File Upload vulnerability in MegaBIP software allows attacker to upload any file to the...
Critical
Unreviewed
CVE-2024-1659
was published
Jun 12, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress...
Critical
Unreviewed
CVE-2024-35746
was published
Jun 10, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited...
Critical
Unreviewed
CVE-2023-33930
was published
Jun 4, 2024
** UNSUPPORTED WHEN ASSIGNED **
The remote code execution vulnerability in the CGI program ...
Critical
Unreviewed
CVE-2024-29974
was published
Jun 4, 2024
An arbitrary file upload vulnerability in the component /include/file.php of lylme_spage v1.9.5...
Critical
Unreviewed
CVE-2024-34982
was published
May 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in JumpDEMAND Inc. ActiveDEMAND...
Critical
Unreviewed
CVE-2024-32809
was published
May 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Copymatic Copymatic – AI Content...
Critical
Unreviewed
CVE-2024-31351
was published
May 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best...
Critical
Unreviewed
CVE-2023-25444
was published
May 17, 2024
An unauthenticated attacker can upload a malicious file to the server which when accessed by a...
Critical
Unreviewed
CVE-2024-33006
was published
May 14, 2024
ProTip!
Advisories are also available from the
GraphQL API