GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,189
Erlang: 31
GitHub Actions: 19
Go: 1,985
Maven: 5,000+
npm: 3,701
NuGet: 657
pip: 3,326
Pub: 11
RubyGems: 882
Rust: 836
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
1,059 advisories
A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects...
High | Unreviewed | CVE-2024-1036 was published Jan 30, 2024

A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects...
High | Unreviewed | CVE-2024-1034 was published Jan 30, 2024

An arbitrary file upload vulnerability in LeptonCMS v7.0.0 allows authenticated attackers to...
High | Unreviewed | CVE-2024-24399 was published Jan 25, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order...
High | Unreviewed | CVE-2024-22135 was published Jan 24, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Product Import Export...
High | Unreviewed | CVE-2024-22152 was published Jan 24, 2024

An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote...
High | Unreviewed | CVE-2023-52324 was published Jan 23, 2024

DedeCMS 5.7.112 has a File Upload vulnerability via uploads/dede/module_upload.php.
High | Unreviewed | CVE-2024-22895 was published Jan 22, 2024

A vulnerability has been found in Yunyou CMS up to 2.2.6 and classified as critical. This...
High | Unreviewed | CVE-2024-0648 was published Jan 18, 2024

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an...
High | Unreviewed | CVE-2024-20272 was published Jan 17, 2024

The My Account Page Editor WordPress plugin before 1.3.2 does not validate the profile picture to...
High | Unreviewed | CVE-2023-4536 was published Jan 16, 2024

Theme Demo Import WordPress plugin before 1.1.1 does not validate the imported file, allowing...
High | Unreviewed | CVE-2022-1538 was published Jan 16, 2024

An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate...
High | Unreviewed | CVE-2023-49257 was published Jan 12, 2024

File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and...
High | Unreviewed | CVE-2023-46474 was published Jan 12, 2024

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2023-6636 was published Jan 11, 2024

The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file...
High | Unreviewed | CVE-2023-6558 was published Jan 11, 2024

The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2023-6220 was published Jan 11, 2024

A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This...
High | Unreviewed | CVE-2024-0352 was published Jan 10, 2024

The Ni Purchase Order(PO) For WooCommerce WordPress plugin through 1.2.1 does not validate logo...
High | Unreviewed | CVE-2023-5957 was published Jan 8, 2024

The Essential Real Estate WordPress plugin before 4.4.0 does not prevent users with limited...
High | Unreviewed | CVE-2023-6140 was published Jan 8, 2024

Online Notice Board System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'f'...
High | Unreviewed | CVE-2023-50760 was published Jan 4, 2024

An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the...
High | Unreviewed | CVE-2023-50922 was published Jan 3, 2024

HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web...
High | Unreviewed | CVE-2023-45724 was published Jan 3, 2024

There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8,...
High | Unreviewed | CVE-2023-50038 was published Dec 28, 2023

File Upload vulnerability in JIZHICMS v.2.5, allows remote attacker to execute arbitrary code via...
High | Unreviewed | CVE-2023-50692 was published Dec 28, 2023

The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions...
High | Unreviewed | CVE-2023-5673 was published Dec 26, 2023