Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,525 advisories

Loading
CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type... High Unreviewed
CVE-2024-3123 was published Jul 1, 2024
Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web... Critical Unreviewed
CVE-2024-5827 was published Jun 29, 2024
pytorch-lightning vulnerable to Arbitrary File Write via /v1/runs API endpoint Critical
CVE-2024-5980 was published for lightning (pip) Jun 27, 2024
awaelchli
A vulnerability has been found in itsourcecode Online Food Ordering System up to 1.0 and... Moderate Unreviewed
CVE-2024-6373 was published Jun 27, 2024
An arbitrary file upload vulnerability in /fileupload/upload.cfm in Daemon PTY Limited FarCry... Critical Unreviewed
CVE-2024-35527 was published Jun 26, 2024
In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain... High Unreviewed
CVE-2024-5008 was published Jun 25, 2024
An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow... Critical Unreviewed
CVE-2024-4197 was published Jun 25, 2024
A security vulnerability has been identified in Bludit, allowing authenticated attackers to... Unknown Unreviewed
CVE-2024-24551 was published Jun 24, 2024
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the... Unknown Unreviewed
CVE-2024-24550 was published Jun 24, 2024
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been... Moderate Unreviewed
CVE-2024-6280 was published Jun 24, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows... Critical Unreviewed
CVE-2024-35767 was published Jun 21, 2024
The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table... Critical Unreviewed
CVE-2023-45197 was published Jun 21, 2024
An authenticated user can upload arbitrary files in the upload function for collection preview... High Unreviewed
CVE-2024-28147 was published Jun 20, 2024
In the module "Help Desk - Customer Support Management System" (helpdesk) up to version 2.4.0... Critical Unreviewed
CVE-2024-34990 was published Jun 19, 2024
In the module "JA Marketplace" (jamarketplace) up to version 9.0.1 from JA Module for PrestaShop,... Critical Unreviewed
CVE-2024-33836 was published Jun 19, 2024
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-2381 was published Jun 19, 2024
Dolibarr arbitrary file upload vulnerability High
CVE-2024-37821 was published for dolibarr/dolibarr (Composer) Jun 18, 2024
A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online... Moderate Unreviewed
CVE-2024-6114 was published Jun 18, 2024
A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online... Moderate Unreviewed
CVE-2024-6116 was published Jun 18, 2024
A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation... Moderate Unreviewed
CVE-2024-6115 was published Jun 18, 2024
A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1... Moderate Unreviewed
CVE-2024-6110 was published Jun 18, 2024
A vulnerability has been found in itsourcecode Pool of Bethesda Online Reservation System up to 1... Moderate Unreviewed
CVE-2024-6084 was published Jun 18, 2024
A vulnerability, which was classified as critical, was found in PHPVibe 11.0.46. Affected is an... Moderate Unreviewed
CVE-2024-6083 was published Jun 18, 2024
Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload... Critical Unreviewed
CVE-2024-34833 was published Jun 17, 2024
Certain models of ASUS routers have an arbitrary firmware upload vulnerability. An... Critical Unreviewed
CVE-2024-3912 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database