Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,049 advisories

Loading
Administrative Management System from Wellchoose does not properly validate uploaded file types,... High Unreviewed
CVE-2024-10201 was published Oct 21, 2024
The affected product is vulnerable to unrestricted file uploads, which may allow an attacker to... High Unreviewed
CVE-2024-49398 was published Oct 17, 2024
The File Manager Pro plugin for WordPress is vulnerable to arbitrary backup file downloads and... High Unreviewed
CVE-2024-8746 was published Oct 16, 2024
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2020-36842 was published Oct 16, 2024
The File Manager Pro plugin for WordPress is vulnerable to Limited JavaScript File Upload in all... High Unreviewed
CVE-2024-8918 was published Oct 16, 2024
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing... High Unreviewed
CVE-2024-9981 was published Oct 15, 2024
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Unrestricted Upload of... High Unreviewed
CVE-2024-47423 was published Oct 9, 2024
InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with... High Unreviewed
CVE-2024-45136 was published Oct 9, 2024
InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File... High Unreviewed
CVE-2024-45137 was published Oct 9, 2024
Livewire Remote Code Execution on File Uploads High
CVE-2024-47823 was published for livewire/livewire (Composer) Oct 8, 2024
angelej RChutchev
SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a... High Unreviewed
CVE-2024-37179 was published Oct 8, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form – Contact Form... High Unreviewed
CVE-2024-47319 was published Oct 5, 2024
File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote... High Unreviewed
CVE-2024-37869 was published Oct 4, 2024
File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote... High Unreviewed
CVE-2024-37868 was published Oct 4, 2024
This vulnerability exists in the Shilpi Client Dashboard due to improper validation of files... High Unreviewed
CVE-2024-47655 was published Oct 4, 2024
The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2024-7855 was published Oct 2, 2024
An arbitrary file upload vulnerability in YPay 1.2.0 allows attackers to execute arbitrary code... High Unreviewed
CVE-2024-46441 was published Sep 27, 2024
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the ... High Unreviewed
CVE-2024-8126 was published Sep 26, 2024
File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary... High Unreviewed
CVE-2023-26690 was published Sep 25, 2024
An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology... High Unreviewed
CVE-2024-40125 was published Sep 19, 2024
Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend. High Unreviewed
CVE-2024-46373 was published Sep 18, 2024
Contao affected by remote command execution through file upload High
CVE-2024-45398 was published for contao/core-bundle (Composer) Sep 17, 2024
usdResponsibleDisclosure
SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload... High Unreviewed
CVE-2024-8232 was published Sep 10, 2024
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows... High Unreviewed
CVE-2024-44871 was published Sep 10, 2024
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin... High Unreviewed
CVE-2024-7770 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database