GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,063
Composer 4,318
Erlang 31
GitHub Actions 21
Go 2,074
Maven 5,249
npm 3,746
NuGet 674
pip 3,434
Pub 12
RubyGems 892
Rust 880
Swift 37

Unreviewed advisories

All unreviewed 241,203

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

974 advisories

Filter by severity

Sort by

Least recently updated

The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2024-7855 was published Oct 2, 2024

An arbitrary file upload vulnerability in YPay 1.2.0 allows attackers to execute arbitrary code... High Unreviewed

CVE-2024-46441 was published Sep 27, 2024

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the ... High Unreviewed

CVE-2024-8126 was published Sep 26, 2024

File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary... High Unreviewed

CVE-2023-26690 was published Sep 25, 2024

An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology... High Unreviewed

CVE-2024-40125 was published Sep 19, 2024

Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend. High Unreviewed

CVE-2024-46373 was published Sep 18, 2024

SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload... High Unreviewed

CVE-2024-8232 was published Sep 10, 2024

An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows... High Unreviewed

CVE-2024-44871 was published Sep 10, 2024

The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin... High Unreviewed

CVE-2024-7770 was published Sep 10, 2024

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user... High Unreviewed

CVE-2024-45171 was published Sep 5, 2024

MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution. High Unreviewed

CVE-2024-42991 was published Sep 3, 2024

6SHR system from Gether Technology does not properly validate uploaded file types, allowing... High Unreviewed

CVE-2024-8330 was published Aug 30, 2024

The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2024-6311 was published Aug 28, 2024

A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™... High Unreviewed

CVE-2024-7987 was published Aug 26, 2024

publiccms V4.0.202302.e and before is vulnerable to Any File Upload via publiccms/admin... High Unreviewed

CVE-2024-42523 was published Aug 23, 2024

Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin... High Unreviewed

CVE-2024-42767 was published Aug 22, 2024

The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress... High Unreviewed

CVE-2024-7384 was published Aug 22, 2024

An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_playlist" in... High Unreviewed

CVE-2024-42778 was published Aug 21, 2024

An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_genre" in... High Unreviewed

CVE-2024-42780 was published Aug 21, 2024

An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_music" in... High Unreviewed

CVE-2024-42779 was published Aug 21, 2024

The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress is vulnerable... High Unreviewed

CVE-2022-1206 was published Aug 20, 2024

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload... High Unreviewed

CVE-2023-0714 was published Aug 17, 2024

File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows... High Unreviewed

CVE-2024-42676 was published Aug 15, 2024

The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to arbitrary file... High Unreviewed

CVE-2024-4389 was published Aug 14, 2024

The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2024-6823 was published Aug 13, 2024

Previous 1 2 3 4 5 … 38 39 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

974 advisories