Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,049 advisories

Loading
Apache StreamPipes has potential remote code execution (RCE) via file upload High
CVE-2024-31411 was published for org.apache.streampipes:streampipes-parent (Maven) Jul 17, 2024
The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent... High Unreviewed
CVE-2024-5630 was published Jul 15, 2024
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlace of PublicCMS... High Unreviewed
CVE-2024-40549 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS... High Unreviewed
CVE-2024-40545 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0... High Unreviewed
CVE-2024-40546 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of... High Unreviewed
CVE-2024-40550 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0... High Unreviewed
CVE-2024-40548 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/doUpload of PublicCMS... High Unreviewed
CVE-2024-40551 was published Jul 12, 2024
An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an... High Unreviewed
CVE-2024-5911 was published Jul 10, 2024
The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed
CVE-2023-7061 was published Jul 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39865 was published Jul 9, 2024
The Bit Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6123 was published Jul 9, 2024
The Modern Events Calendar plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-5441 was published Jul 9, 2024
OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory,... High Unreviewed
CVE-2024-27903 was published Jul 8, 2024
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6319 was published Jul 4, 2024
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6318 was published Jul 4, 2024
yt-dlp File system modification and RCE through improper file-extension sanitization High
CVE-2024-38519 was published for yt-dlp (pip) Jul 2, 2024
pukkandan JarLob
Grub4K
CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type... High Unreviewed
CVE-2024-3123 was published Jul 1, 2024
A vulnerability has been found in itsourcecode Online Food Ordering System up to 1.0 and... High Unreviewed
CVE-2024-6373 was published Jun 27, 2024
In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain... High Unreviewed
CVE-2024-5008 was published Jun 25, 2024
An authenticated user can upload arbitrary files in the upload function for collection preview... High Unreviewed
CVE-2024-28147 was published Jun 20, 2024
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-2381 was published Jun 19, 2024
Dolibarr arbitrary file upload vulnerability High
CVE-2024-37821 was published for dolibarr/dolibarr (Composer) Jun 18, 2024
A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online... High Unreviewed
CVE-2024-6114 was published Jun 18, 2024
A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online... High Unreviewed
CVE-2024-6116 was published Jun 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database