Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,525 advisories

Loading
An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology... High Unreviewed
CVE-2024-40125 was published Sep 19, 2024
Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend. High Unreviewed
CVE-2024-46373 was published Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2024-46377 was published Sep 18, 2024
Contao affected by remote command execution through file upload High
CVE-2024-45398 was published for contao/core-bundle (Composer) Sep 17, 2024
usdResponsibleDisclosure
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-8242 was published Sep 13, 2024
A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online... Critical Unreviewed
CVE-2024-27115 was published Sep 11, 2024
SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload... High Unreviewed
CVE-2024-8232 was published Sep 10, 2024
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows... High Unreviewed
CVE-2024-44871 was published Sep 10, 2024
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin... High Unreviewed
CVE-2024-7770 was published Sep 10, 2024
Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in... Critical Unreviewed
CVE-2024-44849 was published Sep 9, 2024
The Customizer Export/Import plugin for WordPress is vulnerable to arbitrary file uploads due to... Moderate Unreviewed
CVE-2024-7620 was published Sep 7, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user... High Unreviewed
CVE-2024-45171 was published Sep 5, 2024
File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of... Critical Unreviewed
CVE-2024-8463 was published Sep 5, 2024
IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute... Critical Unreviewed
CVE-2024-45076 was published Sep 4, 2024
MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution. High Unreviewed
CVE-2024-42991 was published Sep 3, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Petshop... Moderate Unreviewed
CVE-2024-8342 was published Aug 30, 2024
A vulnerability classified as critical was found in SourceCodester Petshop Management System 1.0.... Moderate Unreviewed
CVE-2024-8341 was published Aug 30, 2024
A vulnerability was found in HFO4 shudong-share 2.4.7. It has been declared as critical. Affected... Moderate Unreviewed
CVE-2024-8338 was published Aug 30, 2024
6SHR system from Gether Technology does not properly validate uploaded file types, allowing... High Unreviewed
CVE-2024-8330 was published Aug 30, 2024
FeehiCMS User[avatar] unrestricted upload Moderate
CVE-2024-8296 was published for feehi/cms (Composer) Aug 29, 2024
FeehiCMS file upload vulnerability Moderate
CVE-2024-8294 was published for feehi/cms (Composer) Aug 29, 2024
FeehiCMS BannerForm[img] unrestricted upload Moderate
CVE-2024-8295 was published for feehi/cms (Composer) Aug 29, 2024
The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2024-6311 was published Aug 28, 2024
A vulnerability classified as problematic has been found in SourceCodester Zipped Folder Manager... Moderate Unreviewed
CVE-2024-8170 was published Aug 26, 2024
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™... High Unreviewed
CVE-2024-7987 was published Aug 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database