Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,544 advisories

Loading
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 could be vulnerable... High Unreviewed
CVE-2024-40695 was published Dec 20, 2024
There is an unrestricted file upload vulnerability where it is possible for an authenticated user... High Unreviewed
CVE-2024-12700 was published Dec 20, 2024
LibreNMS vulnerable to Stored Cross-site Scripting via File Upload Low
CVE-2024-47528 was published for librenms/librenms (Composer) Oct 1, 2024
minhnq1618
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a... Critical Unreviewed
CVE-2024-56057 was published Dec 18, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a... Critical Unreviewed
CVE-2024-56054 was published Dec 18, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a... Critical Unreviewed
CVE-2024-56052 was published Dec 18, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a... Critical Unreviewed
CVE-2024-56050 was published Dec 18, 2024
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component... Moderate Unreviewed
CVE-2024-55514 was published Dec 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows... Critical Unreviewed
CVE-2024-54285 was published Dec 16, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SuitePlugins Video & Photo... Critical Unreviewed
CVE-2024-54370 was published Dec 16, 2024
The Crafthemes Demo Import plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-9698 was published Dec 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Siddharth Nagar Import Export... Critical Unreviewed
CVE-2024-54262 was published Dec 13, 2024
The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary... Critical Unreviewed
CVE-2024-9290 was published Dec 13, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-12042 was published Dec 13, 2024
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2,... Moderate Unreviewed
CVE-2024-44220 was published Dec 12, 2024
Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File... Critical Unreviewed
CVE-2024-54918 was published Dec 9, 2024
The Opt-In Downloads plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2024-10590 was published Dec 12, 2024
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload... High Unreviewed
CVE-2024-50625 was published Dec 10, 2024
An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of... High Unreviewed
CVE-2024-46625 was published Dec 4, 2024
A vulnerability was found in code-projects Online Notice Board up to 1.0 and classified as... Moderate Unreviewed
CVE-2024-12233 was published Dec 5, 2024
A vulnerability classified as problematic has been found in DedeCMS 5.7.116. This affects an... Moderate Unreviewed
CVE-2024-11138 was published Nov 12, 2024
In Cleo Harmony before 5.8.0.20, VLTrader before 5.8.0.20, and LexiCom before 5.8.0.20, there is... High Unreviewed
CVE-2024-50623 was published Oct 28, 2024
SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload... Moderate Unreviewed
CVE-2024-42375 was published Aug 13, 2024
SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload... Low Unreviewed
CVE-2024-28166 was published Aug 13, 2024
SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload... Low Unreviewed
CVE-2024-41731 was published Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database