Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,525 advisories

Loading
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0... High Unreviewed
CVE-2024-40546 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS... High Unreviewed
CVE-2024-40545 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0... High Unreviewed
CVE-2024-40548 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of... High Unreviewed
CVE-2024-40550 was published Jul 12, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SpreadsheetConverter Import... Critical Unreviewed
CVE-2024-38734 was published Jul 12, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Realtyna Realtyna Organic IDX... Critical Unreviewed
CVE-2024-38736 was published Jul 12, 2024
The Quotes and Tips by BestWebSoft WordPress plugin before 1.45 does not properly validate image... Moderate Unreviewed
CVE-2024-3112 was published Jul 12, 2024
An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an... High Unreviewed
CVE-2024-5911 was published Jul 10, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in Croogo... Moderate Unreviewed
CVE-2024-6647 was published Jul 10, 2024
The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed
CVE-2023-7061 was published Jul 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39865 was published Jul 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WPZita Zita Elementor Site... Critical Unreviewed
CVE-2024-37420 was published Jul 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Automattic Newspack Blocks... Critical Unreviewed
CVE-2024-37424 was published Jul 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Andy Moyle Church Admin allows... Critical Unreviewed
CVE-2024-37418 was published Jul 9, 2024
The Bit Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6123 was published Jul 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in ZealousWeb Generate PDF using... Critical Unreviewed
CVE-2024-37555 was published Jul 9, 2024
The Modern Events Calendar plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-5441 was published Jul 9, 2024
Due to missing verification of file type or content, SAP Enable Now allows an authenticated... Low Unreviewed
CVE-2024-34692 was published Jul 9, 2024
OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory,... High Unreviewed
CVE-2024-27903 was published Jul 8, 2024
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6319 was published Jul 4, 2024
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6318 was published Jul 4, 2024
A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and... Moderate Unreviewed
CVE-2024-6439 was published Jul 2, 2024
yt-dlp File system modification and RCE through improper file-extension sanitization High
CVE-2024-38519 was published for yt-dlp (pip) Jul 2, 2024
pukkandan JarLob
Grub4K
MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to... Critical Unreviewed
CVE-2024-37762 was published Jul 2, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2024-36987 was published Jul 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database