Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,029 advisories

Loading
An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology... High Unreviewed
CVE-2024-40125 was published Sep 19, 2024
Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend. High Unreviewed
CVE-2024-46373 was published Sep 18, 2024
Contao affected by remote command execution through file upload High
CVE-2024-45398 was published for contao/core-bundle (Composer) Sep 17, 2024
usdResponsibleDisclosure
SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload... High Unreviewed
CVE-2024-8232 was published Sep 10, 2024
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows... High Unreviewed
CVE-2024-44871 was published Sep 10, 2024
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin... High Unreviewed
CVE-2024-7770 was published Sep 10, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user... High Unreviewed
CVE-2024-45171 was published Sep 5, 2024
MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution. High Unreviewed
CVE-2024-42991 was published Sep 3, 2024
6SHR system from Gether Technology does not properly validate uploaded file types, allowing... High Unreviewed
CVE-2024-8330 was published Aug 30, 2024
The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2024-6311 was published Aug 28, 2024
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™... High Unreviewed
CVE-2024-7987 was published Aug 26, 2024
publiccms V4.0.202302.e and before is vulnerable to Any File Upload via publiccms/admin... High Unreviewed
CVE-2024-42523 was published Aug 23, 2024
Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin... High Unreviewed
CVE-2024-42767 was published Aug 22, 2024
The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress... High Unreviewed
CVE-2024-7384 was published Aug 22, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_playlist" in... High Unreviewed
CVE-2024-42778 was published Aug 21, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_genre" in... High Unreviewed
CVE-2024-42780 was published Aug 21, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_music" in... High Unreviewed
CVE-2024-42779 was published Aug 21, 2024
The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress is vulnerable... High Unreviewed
CVE-2022-1206 was published Aug 20, 2024
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload... High Unreviewed
CVE-2023-0714 was published Aug 17, 2024
File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows... High Unreviewed
CVE-2024-42676 was published Aug 15, 2024
The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2024-4389 was published Aug 14, 2024
The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-6823 was published Aug 13, 2024
ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files.... High Unreviewed
CVE-2024-7694 was published Aug 12, 2024
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager... High Unreviewed
CVE-2024-41913 was published Aug 6, 2024
The CRM Perks Forms plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-7484 was published Aug 6, 2024
ProTip! Advisories are also available from the GraphQL API