GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,952
Composer 4,274
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,419
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,583

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

967 advisories

Filter by severity

Sort by

Least recently updated

IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 could be vulnerable... High Unreviewed

CVE-2024-40695 was published Dec 20, 2024

There is an unrestricted file upload vulnerability where it is possible for an authenticated user... High Unreviewed

CVE-2024-12700 was published Dec 20, 2024

The Crafthemes Demo Import plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2024-9698 was published Dec 14, 2024

The Opt-In Downloads plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2024-10590 was published Dec 12, 2024

If the attacker has access to a valid Poweruser session, remote code execution is possible... High Unreviewed

CVE-2024-47946 was published Dec 10, 2024

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload... High Unreviewed

CVE-2024-50625 was published Dec 10, 2024

The Pubnews theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due... High Unreviewed

CVE-2024-10578 was published Dec 6, 2024

Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ... High Unreviewed

CVE-2024-51548 was published Dec 5, 2024

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of... High Unreviewed

CVE-2024-46625 was published Dec 4, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not... High Unreviewed

CVE-2024-40691 was published Dec 3, 2024

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2024-11391 was published Dec 3, 2024

The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed

CVE-2024-8066 was published Nov 28, 2024

The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to Stored... High Unreviewed

CVE-2024-9504 was published Nov 26, 2024

The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file... High Unreviewed

CVE-2024-9660 was published Nov 23, 2024

An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows attackers to execute... High Unreviewed

CVE-2024-51364 was published Nov 21, 2024

An arbitrary file upload vulnerability in the component /admin/friendlink_edit of DedeBIZ v6.3.0... High Unreviewed

CVE-2024-52769 was published Nov 20, 2024

File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0... High Unreviewed

CVE-2024-51208 was published Nov 20, 2024

The 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin plugin for... High Unreviewed

CVE-2024-9849 was published Nov 16, 2024

parisneo/lollms-webui version 9.6 is vulnerable to Cross-Site Scripting (XSS) and Open Redirect... High Unreviewed

CVE-2024-5125 was published Nov 14, 2024

Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote... High Unreviewed

CVE-2024-11017 was published Nov 11, 2024

File Upload vulnerability in Laravel CMS v.1.4.7 and before allows a remote attacker to execute... High Unreviewed

CVE-2024-51152 was published Nov 8, 2024

Unrestricted File Upload in the Discussions tab in Operately v.0.1.0 allows a privileged user to... High Unreviewed

CVE-2024-48093 was published Oct 30, 2024

*Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/{InternalPath} in SAS... High Unreviewed

CVE-2024-48734 was published Oct 30, 2024

An Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized... High Unreviewed

CVE-2024-48646 was published Oct 30, 2024

The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-7985 was published Oct 29, 2024

Previous 1 2 3 4 5 … 38 39 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

967 advisories