GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,946
Composer 4,273
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,235
npm 3,739
NuGet 668
pip 3,417
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,567

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

892 advisories

Filter by severity

Sort by

Least recently updated

A unrestricted upload of file with dangerous type vulnerability in epaper draft function in... Critical Unreviewed

CVE-2024-11984 was published Dec 19, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a... Critical Unreviewed

CVE-2024-56052 was published Dec 18, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a... Critical Unreviewed

CVE-2024-56054 was published Dec 18, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a... Critical Unreviewed

CVE-2024-56057 was published Dec 18, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a... Critical Unreviewed

CVE-2024-56050 was published Dec 18, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows... Critical Unreviewed

CVE-2024-54285 was published Dec 16, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in SuitePlugins Video & Photo... Critical Unreviewed

CVE-2024-54370 was published Dec 16, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Siddharth Nagar Import Export... Critical Unreviewed

CVE-2024-54262 was published Dec 13, 2024

The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary... Critical Unreviewed

CVE-2024-9290 was published Dec 13, 2024

Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File... Critical Unreviewed

CVE-2024-54918 was published Dec 9, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium... Critical Unreviewed

CVE-2024-53822 was published Dec 9, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Revy allows Upload a... Critical Unreviewed

CVE-2024-54214 was published Dec 6, 2024

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions... Critical Unreviewed

CVE-2024-40744 was published Dec 4, 2024

An arbitrary file upload vulnerability in the importSettings method of VisiCut v2.1 allows... Critical Unreviewed

CVE-2024-51365 was published Nov 21, 2024

An arbitrary file upload vulnerability in the component \Roaming\Omega of OmegaT v6.0.1 allows... Critical Unreviewed

CVE-2024-51366 was published Nov 21, 2024

The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files,... Critical Unreviewed

CVE-2022-4395 was published Jan 30, 2023

Unrestricted Upload of File with Dangerous Type vulnerability in stefanbohacek Fediverse Embeds... Critical Unreviewed

CVE-2024-52476 was published Dec 2, 2024

DreamMaker from Interinfo has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed

CVE-2024-11979 was published Nov 29, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Pathomation allows Upload a Web... Critical Unreviewed

CVE-2024-52490 was published Nov 28, 2024

The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2024-11082 was published Nov 28, 2024

HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common... Critical Unreviewed

CVE-2024-52677 was published Nov 20, 2024

Permissions vulnerability in Fuel-CMS v.1.4.6 allows a remote attacker to execute arbitrary code... Critical Unreviewed

CVE-2020-22151 was published Jul 3, 2023

The WooCommerce Upload Files WordPress plugin before 59.4 ran a single sanitization pass to... Critical Unreviewed

CVE-2021-24171 was published May 24, 2022

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2024-9942 was published Nov 23, 2024

The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2024-9659 was published Nov 23, 2024

Previous 1 2 3 4 5 … 35 36 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

892 advisories