Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,029 advisories

Loading
In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain... High Unreviewed
CVE-2024-5008 was published Jun 25, 2024
An authenticated user can upload arbitrary files in the upload function for collection preview... High Unreviewed
CVE-2024-28147 was published Jun 20, 2024
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-2381 was published Jun 19, 2024
Dolibarr arbitrary file upload vulnerability High
CVE-2024-37821 was published for dolibarr/dolibarr (Composer) Jun 18, 2024
A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online... High Unreviewed
CVE-2024-6114 was published Jun 18, 2024
A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation... High Unreviewed
CVE-2024-6115 was published Jun 18, 2024
A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online... High Unreviewed
CVE-2024-6116 was published Jun 18, 2024
A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1... High Unreviewed
CVE-2024-6110 was published Jun 18, 2024
The upload functionality of ASUS Download Master does not properly filter user input. Remote... High Unreviewed
CVE-2024-31161 was published Jun 14, 2024
Verint - CWE-434: Unrestricted Upload of File with Dangerous Type High Unreviewed
CVE-2024-36396 was published Jun 13, 2024
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an... High Unreviewed
CVE-2024-34110 was published Jun 13, 2024
Duplicate Advisory: aimeos-core arbitrary file upload vulnerability High
CVE-2024-36811 was published for aimeos/aimeos-core (Composer) Jun 7, 2024 withdrawn
aimeos
TYPO3 Arbitrary Code Execution via File List Module High
GHSA-8h4m-r4wm-xj7r was published for typo3/cms (Composer) Jun 7, 2024
An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute... High Unreviewed
CVE-2024-36774 was published Jun 7, 2024
An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x... High Unreviewed
CVE-2024-29848 was published May 31, 2024
An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a... High Unreviewed
CVE-2024-22060 was published May 31, 2024
TYPO3 Arbitrary Code Execution via File List Module High
GHSA-f9hr-7cfq-mjg2 was published for typo3/cms-core (Composer) May 30, 2024
silverstripe/framework allows upload of dangerous file types High
GHSA-vcg6-8fxc-x5cq was published for silverstripe/framework (Composer) May 27, 2024
A vulnerability classified as critical has been found in SourceCodester Student Management System... High Unreviewed
CVE-2024-5047 was published May 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in 8theme XStore Core.This issue... High Unreviewed
CVE-2024-33556 was published May 17, 2024
A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated... High Unreviewed
CVE-2024-4920 was published May 16, 2024
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can... High Unreviewed
CVE-2024-3483 was published May 15, 2024
BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2021-35002 was published May 8, 2024
Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote... High Unreviewed
CVE-2023-39463 was published May 3, 2024
NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code... High Unreviewed
CVE-2023-38098 was published May 3, 2024
ProTip! Advisories are also available from the GraphQL API