Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,643
NuGet
638
pip
3,259
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,299 advisories

Loading
An arbitrary file upload vulnerability in YPay 1.2.0 allows attackers to execute arbitrary code... High Unreviewed
CVE-2024-46441 was published Sep 27, 2024
A vulnerability, which was classified as critical, has been found in HuankeMao SCRM up to 0.0.3.... Moderate Unreviewed
CVE-2024-9278 was published Sep 27, 2024
A vulnerability has been found in kalvinGit kvf-admin up to... Moderate Unreviewed
CVE-2024-9280 was published Sep 27, 2024
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal Critical
CVE-2024-47169 was published for agnai (npm) Sep 26, 2024
ropwareJB
MoinMoin Multiple unrestricted file upload vulnerabilities Moderate
CVE-2012-6081 was published for moin (pip) May 17, 2022
Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various... Moderate Unreviewed
CVE-2024-8725 was published Sep 26, 2024
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the ... High Unreviewed
CVE-2024-8126 was published Sep 26, 2024
The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file uploads due to a... Critical Unreviewed
CVE-2024-7772 was published Sep 26, 2024
File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary... Critical Unreviewed
CVE-2023-26686 was published Sep 25, 2024
File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary... High Unreviewed
CVE-2023-26690 was published Sep 25, 2024
Vulnerability in the Scriptcase application version 9.4.019, which involves the arbitrary upload... Critical Unreviewed
CVE-2024-8940 was published Sep 25, 2024
GDidees CMS <= v3.9.1 has a file upload vulnerability. Critical Unreviewed
CVE-2024-46101 was published Sep 20, 2024
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical.... Moderate Unreviewed
CVE-2024-9036 was published Sep 20, 2024
A vulnerability classified as problematic was found in Codezips Online Shopping Portal 1.0.... Moderate Unreviewed
CVE-2024-9038 was published Sep 20, 2024
An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology... High Unreviewed
CVE-2024-40125 was published Sep 19, 2024
Path Traversal in Django High
CVE-2021-31542 was published for Django (pip) Jun 4, 2021
tdunlap607
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-2381 was published Jun 19, 2024
Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend. High Unreviewed
CVE-2024-46373 was published Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2024-46377 was published Sep 18, 2024
A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online... Critical Unreviewed
CVE-2024-27115 was published Sep 11, 2024
Contao affected by remote command execution through file upload High
CVE-2024-45398 was published for contao/core-bundle (Composer) Sep 17, 2024
usdResponsibleDisclosure
Unrestricted Upload of File with Dangerous Type in django-widgy Critical
CVE-2020-18704 was published for django-widgy (pip) Aug 30, 2021
Dr.ID Access Control System from SECOM does not properly validate a specific page parameter,... Critical Unreviewed
CVE-2024-7732 was published Aug 14, 2024
A vulnerability, which was classified as critical, was found in PHPVibe 11.0.46. Affected is an... Moderate Unreviewed
CVE-2024-6083 was published Jun 18, 2024
Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data. High
CVE-2021-40324 was published for cobbler (pip) Oct 5, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database