GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,029 advisories
File Upload vulnerability in Byzro Network Smart s42 Management Platform v.S42 allows a local...
High | Unreviewed | CVE-2024-27733 was published Mar 7, 2024

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker...
High | Unreviewed | CVE-2023-25921 was published Feb 29, 2024

An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0...
High | Unreviewed | CVE-2024-25869 was published Feb 29, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in bPlugins LLC Icons Font Loader...
High | Unreviewed | CVE-2024-24714 was published Feb 26, 2024

A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application...
High | Unreviewed | CVE-2024-27283 was published Feb 22, 2024

File Upload vulnerability in pmb/camera_upload.php in PMB 7.4.7 and earlier allows attackers to...
High | Unreviewed | CVE-2023-52154 was published Feb 22, 2024

Dell RecoverPoint for Virtual Machines 5.3.x contains an OS Command injection vulnerability. An...
High | Unreviewed | CVE-2024-22426 was published Feb 16, 2024

A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected...
High | Unreviewed | CVE-2024-23811 was published Feb 13, 2024

Unrestricted File Upload vulnerability in Content Manager feature in Gambio 4.9.2.0 allows...
High | Unreviewed | CVE-2024-23762 was published Feb 13, 2024

An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42...
High | Unreviewed | CVE-2023-40265 was published Feb 9, 2024

October CMS Cross-site Scripting vulnerability
High | CVE-2023-25365 was published for october/october (Composer) Feb 9, 2024

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote...
High | Unreviewed | CVE-2024-24350 was published Feb 8, 2024

Unrestricted File Upload vulnerability in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to...
High | Unreviewed | CVE-2024-22515 was published Feb 6, 2024

The File Manager Pro plugin for WordPress is vulnerable to Arbitrary File Upload in all versions...
High | Unreviewed | CVE-2023-6846 was published Feb 6, 2024

The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary...
High | Unreviewed | CVE-2023-6925 was published Feb 6, 2024

The EditorsKit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file...
High | Unreviewed | CVE-2023-6635 was published Feb 6, 2024

mingSoft MCMS File Upload vulnerability
High | CVE-2024-22567 was published for net.mingsoft:ms-mcms (Maven) Feb 5, 2024

A vulnerability was found in openBI up to 1.0.8. It has been classified as critical. Affected is...
High | Unreviewed | CVE-2024-1116 was published Jan 31, 2024

The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2024-1069 was published Jan 31, 2024

An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, allows remote authenticated...
High | Unreviewed | CVE-2023-31505 was published Jan 31, 2024

A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This...
High | Unreviewed | CVE-2024-1035 was published Jan 30, 2024

A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects...
High | Unreviewed | CVE-2024-1036 was published Jan 30, 2024

A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects...
High | Unreviewed | CVE-2024-1034 was published Jan 30, 2024

An arbitrary file upload vulnerability in LeptonCMS v7.0.0 allows authenticated attackers to...
High | Unreviewed | CVE-2024-24399 was published Jan 25, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order...
High | Unreviewed | CVE-2024-22135 was published Jan 24, 2024