GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,029 advisories
In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain...
High • Unreviewed • CVE-2024-5008 was published Jun 25, 2024

An authenticated user can upload arbitrary files in the upload function for collection preview...
High • Unreviewed • CVE-2024-28147 was published Jun 20, 2024

The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary...
High • Unreviewed • CVE-2024-2381 was published Jun 19, 2024

Dolibarr arbitrary file upload vulnerability
High • CVE-2024-37821 was published for dolibarr/dolibarr (Composer) Jun 18, 2024

A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online...
High • Unreviewed • CVE-2024-6114 was published Jun 18, 2024

A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation...
High • Unreviewed • CVE-2024-6115 was published Jun 18, 2024

A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online...
High • Unreviewed • CVE-2024-6116 was published Jun 18, 2024

A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1...
High • Unreviewed • CVE-2024-6110 was published Jun 18, 2024

The upload functionality of ASUS Download Master does not properly filter user input. Remote...
High • Unreviewed • CVE-2024-31161 was published Jun 14, 2024

Verint - CWE-434: Unrestricted Upload of File with Dangerous Type
High • Unreviewed • CVE-2024-36396 was published Jun 13, 2024

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an...
High • Unreviewed • CVE-2024-34110 was published Jun 13, 2024

Duplicate Advisory: aimeos-core arbitrary file upload vulnerability
High • CVE-2024-36811 was published for aimeos/aimeos-core (Composer) Jun 7, 2024 • withdrawn

TYPO3 Arbitrary Code Execution via File List Module
High • GHSA-8h4m-r4wm-xj7r was published for typo3/cms (Composer) Jun 7, 2024

An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute...
High • Unreviewed • CVE-2024-36774 was published Jun 7, 2024

An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x...
High • Unreviewed • CVE-2024-29848 was published May 31, 2024

An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a...
High • Unreviewed • CVE-2024-22060 was published May 31, 2024

TYPO3 Arbitrary Code Execution via File List Module
High • GHSA-f9hr-7cfq-mjg2 was published for typo3/cms-core (Composer) May 30, 2024

silverstripe/framework allows upload of dangerous file types
High • GHSA-vcg6-8fxc-x5cq was published for silverstripe/framework (Composer) May 27, 2024

A vulnerability classified as critical has been found in SourceCodester Student Management System...
High • Unreviewed • CVE-2024-5047 was published May 17, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in 8theme XStore Core. This issue...
High • Unreviewed • CVE-2024-33556 was published May 17, 2024

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated...
High • Unreviewed • CVE-2024-4920 was published May 16, 2024

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can...
High • Unreviewed • CVE-2024-3483 was published May 15, 2024

BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability...
High • Unreviewed • CVE-2021-35002 was published May 8, 2024

Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote...
High • Unreviewed • CVE-2023-39463 was published May 3, 2024

NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code...
High • Unreviewed • CVE-2023-38098 was published May 3, 2024

ProTip! Advisories are also available from the GraphQL API.