GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
239 advisories
angular-base64-upload vulnerable to unauthenticated remote code execution
Critical
CVE-2024-42640
was published
for
angular-base64-upload
(npm)
Oct 11, 2024
Livewire Remote Code Execution on File Uploads
High
CVE-2024-47823
was published
for
livewire/livewire
(Composer)
Oct 8, 2024
LibreNMS vulnerable to Stored Cross-site Scripting via File Upload
Low
CVE-2024-47528
was published
for
librenms/librenms
(Composer)
Oct 1, 2024
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal
Critical
CVE-2024-47169
was published
for
agnai
(npm)
Sep 26, 2024
Contao affected by remote command execution through file upload
High
CVE-2024-45398
was published
for
contao/core-bundle
(Composer)
Sep 17, 2024
Admidio Vulnerable to RCE via Arbitrary File Upload in Message Attachment
Critical
CVE-2024-38529
was published
for
admidio/admidio
(Composer)
Jul 29, 2024
Automad arbitrary file upload vulnerability
Moderate
CVE-2024-40400
was published
for
automad/automad
(Composer)
Jul 19, 2024
yt-dlp File system modification and RCE through improper file-extension sanitization
High
CVE-2024-38519
was published
for
yt-dlp
(pip)
Jul 2, 2024
pytorch-lightning vulnerable to Arbitrary File Write via /v1/runs API endpoint
Critical
CVE-2024-5980
was published
for
lightning
(pip)
Jun 27, 2024
Duplicate Advisory: aimeos-core arbitrary file upload vulnerability
High
CVE-2024-36811
was published
for
aimeos/aimeos-core
(Composer)
Jun 7, 2024
•
withdrawn
Jan path traversal vulnerability
Critical
CVE-2024-36858
was published
for
@janhq/core
(npm)
Jun 4, 2024
ProTip!
Advisories are also available from the
GraphQL API