Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

963 advisories

Loading
Unrestricted Upload of File with Dangerous Type vulnerability in Subhasis Laha Gallerio allows... Critical Unreviewed
CVE-2024-52400 was published Nov 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Davor Zeljkovic Convert... Critical Unreviewed
CVE-2024-52397 was published Nov 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Halyra CDI.This issue affects... Critical Unreviewed
CVE-2024-52398 was published Nov 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in codeSavory BasePress Migration... Critical Unreviewed
CVE-2024-52407 was published Nov 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Team PushAssist Push... Critical Unreviewed
CVE-2024-52408 was published Nov 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup... Critical Unreviewed
CVE-2024-52429 was published Nov 18, 2024
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-9942 was published Nov 23, 2024
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-9659 was published Nov 23, 2024
The WooCommerce Upload Files WordPress plugin before 59.4 ran a single sanitization pass to... Critical Unreviewed
CVE-2021-24171 was published May 24, 2022
Permissions vulnerability in Fuel-CMS v.1.4.6 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2020-22151 was published Jul 3, 2023
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal Critical
CVE-2024-47169 was published for agnai (npm) Sep 26, 2024
ropwareJB noe233
HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common... Critical Unreviewed
CVE-2024-52677 was published Nov 20, 2024
The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2024-11082 was published Nov 28, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Pathomation allows Upload a Web... Critical Unreviewed
CVE-2024-52490 was published Nov 28, 2024
DreamMaker from Interinfo has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11979 was published Nov 29, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in stefanbohacek Fediverse Embeds... Critical Unreviewed
CVE-2024-52476 was published Dec 2, 2024
The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files,... Critical Unreviewed
CVE-2022-4395 was published Jan 30, 2023
An arbitrary file upload vulnerability in the component \Roaming\Omega of OmegaT v6.0.1 allows... Critical Unreviewed
CVE-2024-51366 was published Nov 21, 2024
An arbitrary file upload vulnerability in the importSettings method of VisiCut v2.1 allows... Critical Unreviewed
CVE-2024-51365 was published Nov 21, 2024
Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions... Critical Unreviewed
CVE-2024-40744 was published Dec 4, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Revy allows Upload a... Critical Unreviewed
CVE-2024-54214 was published Dec 6, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium... Critical Unreviewed
CVE-2024-53822 was published Dec 9, 2024
Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File... Critical Unreviewed
CVE-2024-54918 was published Dec 9, 2024
The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary... Critical Unreviewed
CVE-2024-9290 was published Dec 13, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Siddharth Nagar Import Export... Critical Unreviewed
CVE-2024-54262 was published Dec 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database