Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

836 advisories

Loading
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal Critical
CVE-2024-47169 was published for agnai (npm) Sep 26, 2024
ropwareJB
The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file uploads due to a... Critical Unreviewed
CVE-2024-7772 was published Sep 26, 2024
Vulnerability in the Scriptcase application version 9.4.019, which involves the arbitrary upload... Critical Unreviewed
CVE-2024-8940 was published Sep 25, 2024
File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary... Critical Unreviewed
CVE-2023-26686 was published Sep 25, 2024
GDidees CMS <= v3.9.1 has a file upload vulnerability. Critical Unreviewed
CVE-2024-46101 was published Sep 20, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2024-46377 was published Sep 18, 2024
A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online... Critical Unreviewed
CVE-2024-27115 was published Sep 11, 2024
Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in... Critical Unreviewed
CVE-2024-44849 was published Sep 9, 2024
File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of... Critical Unreviewed
CVE-2024-8463 was published Sep 5, 2024
IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute... Critical Unreviewed
CVE-2024-45076 was published Sep 4, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=signup" of... Critical Unreviewed
CVE-2024-42777 was published Aug 21, 2024
An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary... Critical Unreviewed
CVE-2024-42563 was published Aug 20, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows... Critical Unreviewed
CVE-2024-43249 was published Aug 19, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Critical Unreviewed
CVE-2024-39397 was published Aug 14, 2024
Dr.ID Access Control System from SECOM does not properly validate a specific page parameter,... Critical Unreviewed
CVE-2024-7732 was published Aug 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in BerqWP allows Code Injection... Critical Unreviewed
CVE-2024-43160 was published Aug 13, 2024
A Unrestricted upload of file with dangerous type vulnerability in meeting management function in... Critical Unreviewed
CVE-2024-6117 was published Aug 5, 2024
The YayExtra – WooCommerce Extra Product Options plugin for WordPress is vulnerable to arbitrary... Critical Unreviewed
CVE-2024-7257 was published Aug 3, 2024
Admidio Vulnerable to RCE via Arbitrary File Upload in Message Attachment Critical
CVE-2024-38529 was published for admidio/admidio (Composer) Jul 29, 2024
UmerAdeemCheema
The 简数采集器 (Keydatas) plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2024-6220 was published Jul 17, 2024
Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an... Critical Unreviewed
CVE-2024-40394 was published Jul 16, 2024
File Upload vulnerability in Nanjin Xingyuantu Technology Co Sparkshop (Spark Mall B2C Mall v.1.1... Critical Unreviewed
CVE-2024-40425 was published Jul 16, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SpreadsheetConverter Import... Critical Unreviewed
CVE-2024-38734 was published Jul 12, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Realtyna Realtyna Organic IDX... Critical Unreviewed
CVE-2024-38736 was published Jul 12, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Andy Moyle Church Admin allows... Critical Unreviewed
CVE-2024-37418 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database