Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,573 advisories

Loading
IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not... High Unreviewed
CVE-2024-40691 was published Dec 3, 2024
IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not... Moderate Unreviewed
CVE-2024-25019 was published Dec 3, 2024
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-11391 was published Dec 3, 2024
The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files,... Critical Unreviewed
CVE-2022-4395 was published Jan 30, 2023
Unrestricted Upload of File with Dangerous Type vulnerability in stefanbohacek Fediverse Embeds... Critical Unreviewed
CVE-2024-52476 was published Dec 2, 2024
An arbitrary file upload vulnerability in the component /admin/friendlink_edit of DedeBIZ v6.3.0... High Unreviewed
CVE-2024-52769 was published Nov 20, 2024
DreamMaker from Interinfo has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11979 was published Nov 29, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Pathomation allows Upload a Web... Critical Unreviewed
CVE-2024-52490 was published Nov 28, 2024
The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2024-11082 was published Nov 28, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed
CVE-2024-8066 was published Nov 28, 2024
An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows attackers to execute... High Unreviewed
CVE-2024-51364 was published Nov 21, 2024
HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common... Critical Unreviewed
CVE-2024-52677 was published Nov 20, 2024
An authenticated arbitrary file upload vulnerability in the Documents module of SPIP v4.3.3... Moderate Unreviewed
CVE-2024-53619 was published Nov 26, 2024
The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to Stored... High Unreviewed
CVE-2024-9504 was published Nov 26, 2024
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal Critical
CVE-2024-47169 was published for agnai (npm) Sep 26, 2024
ropwareJB noe233
Permissions vulnerability in Fuel-CMS v.1.4.6 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2020-22151 was published Jul 3, 2023
The WooCommerce Upload Files WordPress plugin before 59.4 ran a single sanitization pass to... Critical Unreviewed
CVE-2021-24171 was published May 24, 2022
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-9942 was published Nov 23, 2024
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-9659 was published Nov 23, 2024
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2024-9660 was published Nov 23, 2024
File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0... High Unreviewed
CVE-2024-51208 was published Nov 20, 2024
A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by... Moderate Unreviewed
CVE-2024-50652 was published Nov 15, 2024
django Filer Unrestricted Upload of File with Dangerous Type Moderate
CVE-2024-11404 was published for django-filer (pip) Nov 20, 2024
A vulnerability classified as critical has been found in EyouCMS 1.5.6. Affected is an unknown... Moderate Unreviewed
CVE-2024-11211 was published Nov 14, 2024
A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and... Moderate Unreviewed
CVE-2024-11214 was published Nov 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database