GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,562 advisories
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload...
High
Unreviewed
CVE-2024-50625 was published Dec 10, 2024
Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File...
Critical
Unreviewed
CVE-2024-54918 was published Dec 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium...
Critical
Unreviewed
CVE-2024-53822 was published Dec 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Revy allows Upload a...
Critical
Unreviewed
CVE-2024-54214 was published Dec 6, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit allows...
Moderate
Unreviewed
CVE-2024-53811 was published Dec 6, 2024
The Pubnews theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due...
High
Unreviewed
CVE-2024-10578 was published Dec 6, 2024
A vulnerability was found in code-projects Online Notice Board up to 1.0 and classified as...
Moderate
Unreviewed
CVE-2024-12233 was published Dec 5, 2024
Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ...
High
Unreviewed
CVE-2024-51548 was published Dec 5, 2024
Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions...
Critical
Unreviewed
CVE-2024-40744 was published Dec 4, 2024
An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of...
High
Unreviewed
CVE-2024-46625 was published Dec 4, 2024
Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders
High
CVE-2024-53863 was published for matrix-synapse (pip) Dec 3, 2024
IBM Cognos Controller 11.0.0 and 11.0.1 is vulnerable to malicious file upload by...
Moderate
Unreviewed
CVE-2024-25020 was published Dec 3, 2024
IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not...
High
Unreviewed
CVE-2024-40691 was published Dec 3, 2024
IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not...
Moderate
Unreviewed
CVE-2024-25019 was published Dec 3, 2024
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to...
High
Unreviewed
CVE-2024-11391 was published Dec 3, 2024
An authenticated arbitrary file upload vulnerability in the component /module_admin/upload.php of...
High
Unreviewed
CVE-2024-53564 was published Dec 2, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in stefanbohacek Fediverse Embeds...
Critical
Unreviewed
CVE-2024-52476 was published Dec 2, 2024
A vulnerability classified as problematic was found in Guizhou Xiaoma Technology jpress 5.1.2....
Moderate
Unreviewed
CVE-2024-11971 was published Nov 29, 2024
DreamMaker from Interinfo has a Path Traversal vulnerability and does not restrict the types of...
Critical
Unreviewed
CVE-2024-11979 was published Nov 29, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Pathomation allows Upload a Web...
Critical
Unreviewed
CVE-2024-52490 was published Nov 28, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due...
High
Unreviewed
CVE-2024-8066 was published Nov 28, 2024
The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical
Unreviewed
CVE-2024-11082 was published Nov 28, 2024
An authenticated arbitrary file upload vulnerability in the Documents module of SPIP v4.3.3...
Moderate
Unreviewed
CVE-2024-53619 was published Nov 26, 2024
The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to Stored...
High
Unreviewed
CVE-2024-9504 was published Nov 26, 2024
A vulnerability, which was classified as critical, was found in CodeAstro Hospital Management...
Moderate
Unreviewed
CVE-2024-11674 was published Nov 26, 2024
ProTip! Advisories are also available from the GraphQL API