Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,284 advisories

Loading
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2024-46377 was published Sep 18, 2024
Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend. High Unreviewed
CVE-2024-46373 was published Sep 18, 2024
Contao affected by remote command execution through file upload High
CVE-2024-45398 was published for contao/core-bundle (Composer) Sep 17, 2024
usdResponsibleDisclosure
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-8242 was published Sep 13, 2024
A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online... Critical Unreviewed
CVE-2024-27115 was published Sep 11, 2024
SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload... High Unreviewed
CVE-2024-8232 was published Sep 10, 2024
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows... High Unreviewed
CVE-2024-44871 was published Sep 10, 2024
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin... High Unreviewed
CVE-2024-7770 was published Sep 10, 2024
Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in... Critical Unreviewed
CVE-2024-44849 was published Sep 9, 2024
The Customizer Export/Import plugin for WordPress is vulnerable to arbitrary file uploads due to... Moderate Unreviewed
CVE-2024-7620 was published Sep 7, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user... High Unreviewed
CVE-2024-45171 was published Sep 5, 2024
File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of... Critical Unreviewed
CVE-2024-8463 was published Sep 5, 2024
IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute... Critical Unreviewed
CVE-2024-45076 was published Sep 4, 2024
MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution. High Unreviewed
CVE-2024-42991 was published Sep 3, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Petshop... Moderate Unreviewed
CVE-2024-8342 was published Aug 30, 2024
A vulnerability was found in HFO4 shudong-share 2.4.7. It has been declared as critical. Affected... Moderate Unreviewed
CVE-2024-8338 was published Aug 30, 2024
A vulnerability classified as critical was found in SourceCodester Petshop Management System 1.0.... Moderate Unreviewed
CVE-2024-8341 was published Aug 30, 2024
6SHR system from Gether Technology does not properly validate uploaded file types, allowing... High Unreviewed
CVE-2024-8330 was published Aug 30, 2024
FeehiCMS User[avatar] unrestricted upload Moderate
CVE-2024-8296 was published for feehi/cms (Composer) Aug 29, 2024
FeehiCMS file upload vulnerability Moderate
CVE-2024-8294 was published for feehi/cms (Composer) Aug 29, 2024
FeehiCMS BannerForm[img] unrestricted upload Moderate
CVE-2024-8295 was published for feehi/cms (Composer) Aug 29, 2024
The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2024-6311 was published Aug 28, 2024
A vulnerability classified as problematic has been found in SourceCodester Zipped Folder Manager... Moderate Unreviewed
CVE-2024-8170 was published Aug 26, 2024
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™... High Unreviewed
CVE-2024-7987 was published Aug 26, 2024
A vulnerability has been found in Ruijie EG2000K 11.1(6)B2 and classified as critical. This... Moderate Unreviewed
CVE-2024-8166 was published Aug 26, 2024
ProTip! Advisories are also available from the GraphQL API