GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
773 advisories
The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file uploads due to a...
Critical | Unreviewed | CVE-2024-7772 was published Sep 26, 2024
File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary...
Critical | Unreviewed | CVE-2023-26686 was published Sep 25, 2024
Vulnerability in the Scriptcase application version 9.4.019, which involves the arbitrary upload...
Critical | Unreviewed | CVE-2024-8940 was published Sep 25, 2024
GDidees CMS <= v3.9.1 has a file upload vulnerability.
Critical | Unreviewed | CVE-2024-46101 was published Sep 20, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical | Unreviewed | CVE-2024-46377 was published Sep 18, 2024
An unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online...
Critical | Unreviewed | CVE-2024-27115 was published Sep 11, 2024
Dr.ID Access Control System from SECOM does not properly validate a specific page parameter,...
Critical | Unreviewed | CVE-2024-7732 was published Aug 14, 2024
A vulnerability was found in FastCMS 0.1.0. It has been classified as critical. Affected is an...
Critical | Unreviewed | CVE-2023-0651 was published Feb 2, 2023
TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the...
Critical | Unreviewed | CVE-2023-51034 was published Dec 22, 2023
Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in...
Critical | Unreviewed | CVE-2024-44849 was published Sep 9, 2024
File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary...
Critical | Unreviewed | CVE-2024-31777 was published Jun 14, 2024
File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of...
Critical | Unreviewed | CVE-2024-8463 was published Sep 5, 2024
IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute...
Critical | Unreviewed | CVE-2024-45076 was published Sep 4, 2024
An Unrestricted upload of file with dangerous type vulnerability in meeting management function in...
Critical | Unreviewed | CVE-2024-6117 was published Aug 5, 2024
An issue in Timo v.2.0.3 allows a remote attacker to execute arbitrary code via the filetype...
Critical | Unreviewed | CVE-2024-22824 was published Feb 20, 2024
File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute...
Critical | Unreviewed | CVE-2024-27747 was published Mar 2, 2024
An arbitrary file upload vulnerability in the component /sysFile/upload of Novel-Plus v4.3.0-RC1...
Critical | Unreviewed | CVE-2024-25274 was published Feb 20, 2024
OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the...
Critical | Unreviewed | CVE-2023-48031 was published Nov 17, 2023
Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the...
Critical | Unreviewed | CVE-2024-28423 was published Mar 14, 2024
An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted...
Critical | Unreviewed | CVE-2024-28713 was published Mar 28, 2024
An arbitrary file upload vulnerability in the Update/Edit Student's Profile Picture function of...
Critical | Unreviewed | CVE-2023-41506 was published Feb 27, 2024
File Upload vulnerability in magicflue v.7.0 and before allows a remote attacker to execute...
Critical | Unreviewed | CVE-2024-28441 was published Mar 22, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=signup" of...
Critical | Unreviewed | CVE-2024-42777 was published Aug 21, 2024
An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary...
Critical | Unreviewed | CVE-2024-42563 was published Aug 20, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows...
Critical | Unreviewed | CVE-2024-43249 was published Aug 19, 2024
ProTip! Advisories are also available from the GraphQL API.