GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,643
NuGet
638
pip
3,259
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,032 advisories
Filter by severity
An arbitrary file upload vulnerability in YPay 1.2.0 allows attackers to execute arbitrary code...
High
Unreviewed
CVE-2024-46441
was published
Sep 27, 2024
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the ...
High
Unreviewed
CVE-2024-8126
was published
Sep 26, 2024
File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary...
High
Unreviewed
CVE-2023-26690
was published
Sep 25, 2024
An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology...
High
Unreviewed
CVE-2024-40125
was published
Sep 19, 2024
Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend.
High
Unreviewed
CVE-2024-46373
was published
Sep 18, 2024
Contao affected by remote command execution through file upload
High
CVE-2024-45398
was published
for
contao/core-bundle
(Composer)
Sep 17, 2024
SpiderControl SCADA Web Server has a vulnerability that could allow an
attacker to upload...
High
Unreviewed
CVE-2024-8232
was published
Sep 10, 2024
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows...
High
Unreviewed
CVE-2024-44871
was published
Sep 10, 2024
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin...
High
Unreviewed
CVE-2024-7770
was published
Sep 10, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user...
High
Unreviewed
CVE-2024-45171
was published
Sep 5, 2024
MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution.
High
Unreviewed
CVE-2024-42991
was published
Sep 3, 2024
6SHR system from Gether Technology does not properly validate uploaded file types, allowing...
High
Unreviewed
CVE-2024-8330
was published
Aug 30, 2024
The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High
Unreviewed
CVE-2024-6311
was published
Aug 28, 2024
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™...
High
Unreviewed
CVE-2024-7987
was published
Aug 26, 2024
publiccms V4.0.202302.e and before is vulnerable to Any File Upload via publiccms/admin...
High
Unreviewed
CVE-2024-42523
was published
Aug 23, 2024
Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin...
High
Unreviewed
CVE-2024-42767
was published
Aug 22, 2024
The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress...
High
Unreviewed
CVE-2024-7384
was published
Aug 22, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_playlist" in...
High
Unreviewed
CVE-2024-42778
was published
Aug 21, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_genre" in...
High
Unreviewed
CVE-2024-42780
was published
Aug 21, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_music" in...
High
Unreviewed
CVE-2024-42779
was published
Aug 21, 2024
The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2022-1206
was published
Aug 20, 2024
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload...
High
Unreviewed
CVE-2023-0714
was published
Aug 17, 2024
File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows...
High
Unreviewed
CVE-2024-42676
was published
Aug 15, 2024
The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to arbitrary file...
High
Unreviewed
CVE-2024-4389
was published
Aug 14, 2024
The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file uploads due to...
High
Unreviewed
CVE-2024-6823
was published
Aug 13, 2024
ProTip!
Advisories are also available from the
GraphQL API