Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,544 advisories

Loading
The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2024-11082 was published Nov 28, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed
CVE-2024-8066 was published Nov 28, 2024
An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows attackers to execute... High Unreviewed
CVE-2024-51364 was published Nov 21, 2024
HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common... Critical Unreviewed
CVE-2024-52677 was published Nov 20, 2024
An authenticated arbitrary file upload vulnerability in the Documents module of SPIP v4.3.3... Moderate Unreviewed
CVE-2024-53619 was published Nov 26, 2024
The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to Stored... High Unreviewed
CVE-2024-9504 was published Nov 26, 2024
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal Critical
CVE-2024-47169 was published for agnai (npm) Sep 26, 2024
ropwareJB noe233
Permissions vulnerability in Fuel-CMS v.1.4.6 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2020-22151 was published Jul 3, 2023
The WooCommerce Upload Files WordPress plugin before 59.4 ran a single sanitization pass to... Critical Unreviewed
CVE-2021-24171 was published May 24, 2022
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2024-9660 was published Nov 23, 2024
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-9942 was published Nov 23, 2024
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-9659 was published Nov 23, 2024
File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0... High Unreviewed
CVE-2024-51208 was published Nov 20, 2024
A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by... Moderate Unreviewed
CVE-2024-50652 was published Nov 15, 2024
django Filer Unrestricted Upload of File with Dangerous Type Moderate
CVE-2024-11404 was published for django-filer (pip) Nov 20, 2024
A vulnerability classified as critical has been found in EyouCMS 1.5.6. Affected is an unknown... Moderate Unreviewed
CVE-2024-11211 was published Nov 14, 2024
A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and... Moderate Unreviewed
CVE-2024-11214 was published Nov 14, 2024
Command injection in Yamale High
CVE-2021-38305 was published for yamale (pip) Aug 11, 2021
Forminator prior to 1.29.0 contains an unrestricted upload of file with dangerous type... Moderate Unreviewed
CVE-2024-28890 was published Apr 23, 2024
A vulnerability has been found in Codezips Online Institute Management System 1.0 and classified... Moderate Unreviewed
CVE-2024-10994 was published Nov 8, 2024
File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows... High Unreviewed
CVE-2024-42676 was published Aug 15, 2024
A vulnerability, which was classified as critical, was found in Codezips Online Institute... Moderate Unreviewed
CVE-2024-10993 was published Nov 8, 2024
Automad arbitrary file upload vulnerability High
CVE-2024-40400 was published for automad/automad (Composer) Jul 19, 2024
marcantondahmen
A vulnerability has been found in itsourcecode Online Food Ordering System up to 1.0 and... Moderate Unreviewed
CVE-2024-6373 was published Jun 27, 2024
A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online... Moderate Unreviewed
CVE-2024-6114 was published Jun 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database