GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,715
Erlang: 34
GitHub Actions: 28
Go: 2,302
Maven: 5,000+
npm: 3,946
NuGet: 711
pip: 3,716
Pub: 12
RubyGems: 920
Rust: 964
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,034 advisories
CVE-2024-0648 (High, Unreviewed), published Jan 18, 2024: A vulnerability has been found in Yunyou CMS up to 2.2.6 and classified as critical. This...
CVE-2024-20272 (High, Unreviewed), published Jan 17, 2024: A vulnerability in the web-based management interface of Cisco Unity Connection could allow an...
CVE-2023-4536 (High, Unreviewed), published Jan 16, 2024: The My Account Page Editor WordPress plugin before 1.3.2 does not validate the profile picture to...
CVE-2022-1538 (High, Unreviewed), published Jan 16, 2024: Theme Demo Import WordPress plugin before 1.1.1 does not validate the imported file, allowing...
CVE-2023-49257 (High, Unreviewed), published Jan 12, 2024: An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate...
CVE-2023-46474 (High, Unreviewed), published Jan 12, 2024: File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and...
CVE-2023-6558 (High, Unreviewed), published Jan 11, 2024: The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file...
CVE-2023-6220 (High, Unreviewed), published Jan 11, 2024: The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file uploads due to...
CVE-2023-6636 (High, Unreviewed), published Jan 11, 2024: The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to...
CVE-2024-0352 (High, Unreviewed), published Jan 10, 2024: A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This...
CVE-2023-6140 (High, Unreviewed), published Jan 8, 2024: The Essential Real Estate WordPress plugin before 4.4.0 does not prevent users with limited...
CVE-2023-5957 (High, Unreviewed), published Jan 8, 2024: The Ni Purchase Order(PO) For WooCommerce WordPress plugin through 1.2.1 does not validate logo...
CVE-2023-50760 (High, Unreviewed), published Jan 4, 2024: Online Notice Board System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'f'...
CVE-2023-50922 (High, Unreviewed), published Jan 3, 2024: An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the...
CVE-2023-45724 (High, Unreviewed), published Jan 3, 2024: HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web...
CVE-2023-50038 (High, Unreviewed), published Dec 28, 2023: There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8,...
CVE-2023-50692 (High, Unreviewed), published Dec 28, 2023: File Upload vulnerability in JIZHICMS v.2.5, allows remote attacker to execute arbitrary code via...
CVE-2023-5673 (High, Unreviewed), published Dec 26, 2023: The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions...
CVE-2023-5931 (High, Unreviewed), published Dec 26, 2023: The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not...
CVE-2023-42017 (High, Unreviewed), published Dec 22, 2023: IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused...
CVE-2023-47784 (High, Unreviewed), published Dec 20, 2023: Unrestricted Upload of File with Dangerous Type vulnerability in ThemePunch OHG Slider Revolution...
CVE-2023-46263 (High, Unreviewed), published Dec 19, 2023: An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4...
CVE-2023-46264 (High, Unreviewed), published Dec 19, 2023: An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4...
CVE-2023-4311 (High, Unreviewed), published Dec 18, 2023: The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload...
CVE-2023-48394 (High, Unreviewed), published Dec 15, 2023: Kaifa Technology WebITR is an online attendance system, its file uploading function does not...
ProTip! Advisories are also available from the GraphQL API.