GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,524 advisories
Filter by severity
A vulnerability was found in code-projects Online Notice Board up to 1.0 and classified as...
Moderate
Unreviewed
CVE-2024-12233
was published
Dec 5, 2024
Dangerous File Upload vulnerabilities allow upload of malicious scripts.
Affected products:
...
High
Unreviewed
CVE-2024-51548
was published
Dec 5, 2024
Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions...
Critical
Unreviewed
CVE-2024-40744
was published
Dec 4, 2024
An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of...
High
Unreviewed
CVE-2024-46625
was published
Dec 4, 2024
Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders
High
CVE-2024-53863
was published
for
matrix-synapse
(pip)
Dec 3, 2024
IBM Cognos Controller 11.0.0 and 11.0.1
could be vulnerable to malicious file upload by not...
High
Unreviewed
CVE-2024-40691
was published
Dec 3, 2024
IBM Cognos Controller 11.0.0 and 11.0.1
is vulnerable to malicious file upload by...
Moderate
Unreviewed
CVE-2024-25020
was published
Dec 3, 2024
IBM Cognos Controller 11.0.0 and 11.0.1
could be vulnerable to malicious file upload by not...
Moderate
Unreviewed
CVE-2024-25019
was published
Dec 3, 2024
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to...
High
Unreviewed
CVE-2024-11391
was published
Dec 3, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in stefanbohacek Fediverse Embeds...
Critical
Unreviewed
CVE-2024-52476
was published
Dec 2, 2024
DreamMaker from Interinfo has a Path Traversal vulnerability and does not restrict the types of...
Critical
Unreviewed
CVE-2024-11979
was published
Nov 29, 2024
A vulnerability classified as problematic was found in Guizhou Xiaoma Technology jpress 5.1.2....
Moderate
Unreviewed
CVE-2024-11971
was published
Nov 29, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Pathomation allows Upload a Web...
Critical
Unreviewed
CVE-2024-52490
was published
Nov 28, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due...
High
Unreviewed
CVE-2024-8066
was published
Nov 28, 2024
The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical
Unreviewed
CVE-2024-11082
was published
Nov 28, 2024
An authenticated arbitrary file upload vulnerability in the Documents module of SPIP v4.3.3...
Moderate
Unreviewed
CVE-2024-53619
was published
Nov 26, 2024
The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to Stored...
High
Unreviewed
CVE-2024-9504
was published
Nov 26, 2024
A vulnerability, which was classified as critical, was found in CodeAstro Hospital Management...
Moderate
Unreviewed
CVE-2024-11674
was published
Nov 26, 2024
A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-11661
was published
Nov 25, 2024
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file...
Critical
Unreviewed
CVE-2024-9942
was published
Nov 23, 2024
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file...
High
Unreviewed
CVE-2024-9660
was published
Nov 23, 2024
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file...
Critical
Unreviewed
CVE-2024-9659
was published
Nov 23, 2024
An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows attackers to execute...
High
Unreviewed
CVE-2024-51364
was published
Nov 21, 2024
An arbitrary file upload vulnerability in the component \Roaming\Omega of OmegaT v6.0.1 allows...
Critical
Unreviewed
CVE-2024-51366
was published
Nov 21, 2024
An arbitrary file upload vulnerability in the importSettings method of VisiCut v2.1 allows...
Critical
Unreviewed
CVE-2024-51365
was published
Nov 21, 2024
ProTip!
Advisories are also available from the
GraphQL API