GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,590
Composer 4,706
Erlang 34
GitHub Actions 28
Go 2,292
Maven 5,573
npm 3,942
NuGet 708
pip 3,711
Pub 12
RubyGems 919
Rust 959
Swift 38

Unreviewed advisories

All unreviewed 256,535

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,033 advisories

Filter by severity

Sort by

Least recently updated

Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend. High Unreviewed

CVE-2024-46373 was published Sep 18, 2024

SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload... High Unreviewed

CVE-2024-8232 was published Sep 10, 2024

An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows... High Unreviewed

CVE-2024-44871 was published Sep 10, 2024

The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin... High Unreviewed

CVE-2024-7770 was published Sep 10, 2024

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user... High Unreviewed

CVE-2024-45171 was published Sep 5, 2024

MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution. High Unreviewed

CVE-2024-42991 was published Sep 3, 2024

6SHR system from Gether Technology does not properly validate uploaded file types, allowing... High Unreviewed

CVE-2024-8330 was published Aug 30, 2024

The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2024-6311 was published Aug 28, 2024

A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™... High Unreviewed

CVE-2024-7987 was published Aug 26, 2024

publiccms V4.0.202302.e and before is vulnerable to Any File Upload via publiccms/admin... High Unreviewed

CVE-2024-42523 was published Aug 23, 2024

Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin... High Unreviewed

CVE-2024-42767 was published Aug 22, 2024

The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress... High Unreviewed

CVE-2024-7384 was published Aug 22, 2024

An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_playlist" in... High Unreviewed

CVE-2024-42778 was published Aug 21, 2024

An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_music" in... High Unreviewed

CVE-2024-42779 was published Aug 21, 2024

An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_genre" in... High Unreviewed

CVE-2024-42780 was published Aug 21, 2024

The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress is vulnerable... High Unreviewed

CVE-2022-1206 was published Aug 20, 2024

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload... High Unreviewed

CVE-2023-0714 was published Aug 17, 2024

File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows... High Unreviewed

CVE-2024-42676 was published Aug 15, 2024

The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to arbitrary file... High Unreviewed

CVE-2024-4389 was published Aug 14, 2024

The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2024-6823 was published Aug 13, 2024

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files.... High Unreviewed

CVE-2024-7694 was published Aug 12, 2024

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager... High Unreviewed

CVE-2024-41913 was published Aug 6, 2024

The CRM Perks Forms plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2024-7484 was published Aug 6, 2024

The Blox Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2024-6315 was published Aug 6, 2024

The Media.net Ads Manager plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2024-6431 was published Jul 27, 2024

Previous 1 2 3 4 5 6 7 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,033 advisories