GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
967 advisories
Filter by severity
If the attacker has access to a valid Poweruser session, remote code execution is possible...
High
Unreviewed
CVE-2024-47946
was published
Dec 10, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and
12.0.0 through 12.0.4
could be vulnerable...
High
Unreviewed
CVE-2024-40695
was published
Dec 20, 2024
There is an unrestricted file upload vulnerability where it is possible for an authenticated user...
High
Unreviewed
CVE-2024-12700
was published
Dec 20, 2024
The Crafthemes Demo Import plugin for WordPress is vulnerable to arbitrary file uploads due to...
High
Unreviewed
CVE-2024-9698
was published
Dec 14, 2024
The Opt-In Downloads plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High
Unreviewed
CVE-2024-10590
was published
Dec 12, 2024
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload...
High
Unreviewed
CVE-2024-50625
was published
Dec 10, 2024
An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of...
High
Unreviewed
CVE-2024-46625
was published
Dec 4, 2024
In Cleo Harmony before 5.8.0.20, VLTrader before 5.8.0.20, and LexiCom before 5.8.0.20, there is...
High
Unreviewed
CVE-2024-50623
was published
Oct 28, 2024
The Pubnews theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due...
High
Unreviewed
CVE-2024-10578
was published
Dec 6, 2024
Dangerous File Upload vulnerabilities allow upload of malicious scripts.
Affected products:
...
High
Unreviewed
CVE-2024-51548
was published
Dec 5, 2024
Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with...
High
Unreviewed
CVE-2024-32256
was published
Apr 16, 2024
IBM Cognos Controller 11.0.0 and 11.0.1
could be vulnerable to malicious file upload by not...
High
Unreviewed
CVE-2024-40691
was published
Dec 3, 2024
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to...
High
Unreviewed
CVE-2024-11391
was published
Dec 3, 2024
An arbitrary file upload vulnerability in the component /admin/friendlink_edit of DedeBIZ v6.3.0...
High
Unreviewed
CVE-2024-52769
was published
Nov 20, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due...
High
Unreviewed
CVE-2024-8066
was published
Nov 28, 2024
An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows attackers to execute...
High
Unreviewed
CVE-2024-51364
was published
Nov 21, 2024
The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to Stored...
High
Unreviewed
CVE-2024-9504
was published
Nov 26, 2024
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file...
High
Unreviewed
CVE-2024-9660
was published
Nov 23, 2024
File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0...
High
Unreviewed
CVE-2024-51208
was published
Nov 20, 2024
File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows...
High
Unreviewed
CVE-2024-42676
was published
Aug 15, 2024
The 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin plugin for...
High
Unreviewed
CVE-2024-9849
was published
Nov 16, 2024
parisneo/lollms-webui version 9.6 is vulnerable to Cross-Site Scripting (XSS) and Open Redirect...
High
Unreviewed
CVE-2024-5125
was published
Nov 14, 2024
File Upload vulnerability in Laravel CMS v.1.4.7 and before allows a remote attacker to execute...
High
Unreviewed
CVE-2024-51152
was published
Nov 8, 2024
Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote...
High
Unreviewed
CVE-2024-11017
was published
Nov 11, 2024
Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with...
High
Unreviewed
CVE-2024-32254
was published
Apr 16, 2024
ProTip!
Advisories are also available from the
GraphQL API