Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

923 advisories

Loading
A Unrestricted upload of file with dangerous type vulnerability in meeting management function in... Critical Unreviewed
CVE-2024-6117 was published Aug 5, 2024
The YayExtra – WooCommerce Extra Product Options plugin for WordPress is vulnerable to arbitrary... Critical Unreviewed
CVE-2024-7257 was published Aug 3, 2024
Admidio Vulnerable to RCE via Arbitrary File Upload in Message Attachment Critical
CVE-2024-38529 was published for admidio/admidio (Composer) Jul 29, 2024
UmerAdeemCheema
The 简数采集器 (Keydatas) plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2024-6220 was published Jul 17, 2024
Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an... Critical Unreviewed
CVE-2024-40394 was published Jul 16, 2024
File Upload vulnerability in Nanjin Xingyuantu Technology Co Sparkshop (Spark Mall B2C Mall v.1.1... Critical Unreviewed
CVE-2024-40425 was published Jul 16, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Realtyna Realtyna Organic IDX... Critical Unreviewed
CVE-2024-38736 was published Jul 12, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SpreadsheetConverter Import... Critical Unreviewed
CVE-2024-38734 was published Jul 12, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WPZita Zita Elementor Site... Critical Unreviewed
CVE-2024-37420 was published Jul 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Andy Moyle Church Admin allows... Critical Unreviewed
CVE-2024-37418 was published Jul 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Automattic Newspack Blocks... Critical Unreviewed
CVE-2024-37424 was published Jul 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in ZealousWeb Generate PDF using... Critical Unreviewed
CVE-2024-37555 was published Jul 9, 2024
MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to... Critical Unreviewed
CVE-2024-37762 was published Jul 2, 2024
Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web... Critical Unreviewed
CVE-2024-5827 was published Jun 29, 2024
pytorch-lightning vulnerable to Arbitrary File Write via /v1/runs API endpoint Critical
CVE-2024-5980 was published for lightning (pip) Jun 27, 2024
awaelchli
An arbitrary file upload vulnerability in /fileupload/upload.cfm in Daemon PTY Limited FarCry... Critical Unreviewed
CVE-2024-35527 was published Jun 26, 2024
An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow... Critical Unreviewed
CVE-2024-4197 was published Jun 25, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows... Critical Unreviewed
CVE-2024-35767 was published Jun 21, 2024
The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table... Critical Unreviewed
CVE-2023-45197 was published Jun 21, 2024
In the module "JA Marketplace" (jamarketplace) up to version 9.0.1 from JA Module for PrestaShop,... Critical Unreviewed
CVE-2024-33836 was published Jun 19, 2024
In the module "Help Desk - Customer Support Management System" (helpdesk) up to version 2.4.0... Critical Unreviewed
CVE-2024-34990 was published Jun 19, 2024
Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload... Critical Unreviewed
CVE-2024-34833 was published Jun 17, 2024
Certain models of ASUS routers have an arbitrary firmware upload vulnerability. An... Critical Unreviewed
CVE-2024-3912 was published Jun 14, 2024
File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary... Critical Unreviewed
CVE-2024-31777 was published Jun 14, 2024
Arbitrary File Upload vulnerability in MegaBIP software allows attacker to upload any file to the... Critical Unreviewed
CVE-2024-1659 was published Jun 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database