Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,706
Erlang
34
GitHub Actions
28
Go
2,292
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
919
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,033 advisories

Loading
An arbitrary file upload vulnerability in Webkul Qloapps v1.6.0.0 allows attackers to execute... High Unreviewed
CVE-2024-40318 was published Jul 25, 2024
The Social Auto Poster plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-6756 was published Jul 24, 2024
The Redux Framework plugin for WordPress is vulnerable to unauthenticated JSON file uploads due... High Unreviewed
CVE-2024-6828 was published Jul 23, 2024
The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-3242 was published Jul 18, 2024
The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent... High Unreviewed
CVE-2024-5630 was published Jul 15, 2024
The wp-eMember WordPress plugin before 10.6.6 does not validate files to be uploaded, which could... High Unreviewed
CVE-2024-5080 was published Jul 13, 2024
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS... High Unreviewed
CVE-2024-40545 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0... High Unreviewed
CVE-2024-40546 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/doUpload of PublicCMS... High Unreviewed
CVE-2024-40551 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of... High Unreviewed
CVE-2024-40550 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0... High Unreviewed
CVE-2024-40548 was published Jul 12, 2024
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlace of PublicCMS... High Unreviewed
CVE-2024-40549 was published Jul 12, 2024
An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an... High Unreviewed
CVE-2024-5911 was published Jul 10, 2024
The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed
CVE-2023-7061 was published Jul 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39865 was published Jul 9, 2024
The Bit Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6123 was published Jul 9, 2024
The Modern Events Calendar plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-5441 was published Jul 9, 2024
OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory,... High Unreviewed
CVE-2024-27903 was published Jul 8, 2024
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6319 was published Jul 4, 2024
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6318 was published Jul 4, 2024
CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type... High Unreviewed
CVE-2024-3123 was published Jul 1, 2024
In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain... High Unreviewed
CVE-2024-5008 was published Jun 25, 2024
An authenticated user can upload arbitrary files in the upload function for collection preview... High Unreviewed
CVE-2024-28147 was published Jun 20, 2024
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-2381 was published Jun 19, 2024
The upload functionality of ASUS Download Master does not properly filter user input. Remote... High Unreviewed
CVE-2024-31161 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database