GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,231
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
948 advisories
Filter by severity
File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows...
High
Unreviewed
CVE-2024-42676
was published
Aug 15, 2024
The 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin plugin for...
High
Unreviewed
CVE-2024-9849
was published
Nov 16, 2024
parisneo/lollms-webui version 9.6 is vulnerable to Cross-Site Scripting (XSS) and Open Redirect...
High
Unreviewed
CVE-2024-5125
was published
Nov 14, 2024
File Upload vulnerability in Laravel CMS v.1.4.7 and before allows a remote attacker to execute...
High
Unreviewed
CVE-2024-51152
was published
Nov 8, 2024
Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote...
High
Unreviewed
CVE-2024-11017
was published
Nov 11, 2024
Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with...
High
Unreviewed
CVE-2024-32254
was published
Apr 16, 2024
*Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/{InternalPath} in SAS...
High
Unreviewed
CVE-2024-48734
was published
Oct 30, 2024
An Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized...
High
Unreviewed
CVE-2024-48646
was published
Oct 30, 2024
Unrestricted File Upload in the Discussions tab in Operately v.0.1.0 allows a privileged user to...
High
Unreviewed
CVE-2024-48093
was published
Oct 30, 2024
File Upload vulnerability in Prison Management System v.1.0 allows a remote attacker to execute...
High
Unreviewed
CVE-2024-48594
was published
Oct 28, 2024
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-7985
was published
Oct 29, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
High
Unreviewed
CVE-2024-45263
was published
Oct 24, 2024
An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to...
High
Unreviewed
CVE-2024-48454
was published
Oct 24, 2024
An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution...
High
Unreviewed
CVE-2024-46482
was published
Oct 23, 2024
Administrative Management System from Wellchoose does not properly validate uploaded file types,...
High
Unreviewed
CVE-2024-10201
was published
Oct 21, 2024
The affected product is vulnerable to unrestricted file uploads, which may allow an attacker to...
High
Unreviewed
CVE-2024-49398
was published
Oct 17, 2024
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing...
High
Unreviewed
CVE-2024-9981
was published
Oct 15, 2024
This vulnerability exists in the Shilpi Client Dashboard due to improper validation of files...
High
Unreviewed
CVE-2024-47655
was published
Oct 4, 2024
With administrator or admin privileges the application can be tricked into overwriting files in...
High
Unreviewed
CVE-2022-24387
was published
Mar 15, 2022
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file...
High
Unreviewed
CVE-2020-36842
was published
Oct 16, 2024
The File Manager Pro plugin for WordPress is vulnerable to arbitrary backup file downloads and...
High
Unreviewed
CVE-2024-8746
was published
Oct 16, 2024
The File Manager Pro plugin for WordPress is vulnerable to Limited JavaScript File Upload in all...
High
Unreviewed
CVE-2024-8918
was published
Oct 16, 2024
An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate...
High
Unreviewed
CVE-2023-49257
was published
Jan 12, 2024
InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with...
High
Unreviewed
CVE-2024-45136
was published
Oct 9, 2024
InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File...
High
Unreviewed
CVE-2024-45137
was published
Oct 9, 2024
ProTip!
Advisories are also available from the
GraphQL API