Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,086 advisories

Loading
phpMyFAQ's File Upload Bypass at Category Image Leads to RCE High
CVE-2024-28105 was published for phpmyfaq/phpmyfaq (Composer) Mar 25, 2024
kevinnivekkevin
Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy... High Unreviewed
CVE-2024-27964 was published Mar 21, 2024
Arbitrary file upload vulnerability in GeoServer's REST Coverage Store API High
CVE-2023-51444 was published for org.geoserver:gs-platform (Maven) Mar 20, 2024
sikeoka
greykite v1.0.0 was discovered to contain an arbitrary file upload vulnerability in the load_obj... High Unreviewed
CVE-2024-28425 was published Mar 14, 2024
A path traversal vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in edge-app... High Unreviewed
CVE-2024-0800 was published Mar 13, 2024
File Upload vulnerability in Byzro Network Smart s42 Management Platform v.S42 allows a local... High Unreviewed
CVE-2024-27733 was published Mar 7, 2024
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker... High Unreviewed
CVE-2023-25921 was published Feb 29, 2024
An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0... High Unreviewed
CVE-2024-25869 was published Feb 29, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in bPlugins LLC Icons Font Loader... High Unreviewed
CVE-2024-24714 was published Feb 26, 2024
Apache Answer Unrestricted Upload of File with Dangerous Type vulnerability High
CVE-2024-22393 was published for github.com/apache/incubator-answer (Go) Feb 22, 2024
A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application... High Unreviewed
CVE-2024-27283 was published Feb 22, 2024
File Upload vulnerability in pmb/camera_upload.php in PMB 7.4.7 and earlier allows attackers to... High Unreviewed
CVE-2023-52154 was published Feb 22, 2024
Dell RecoverPoint for Virtual Machines 5.3.x contains an OS Command injection vulnerability. An... High Unreviewed
CVE-2024-22426 was published Feb 16, 2024
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected... High Unreviewed
CVE-2024-23811 was published Feb 13, 2024
Unrestricted File Upload vulnerability in Content Manager feature in Gambio 4.9.2.0 allows... High Unreviewed
CVE-2024-23762 was published Feb 13, 2024
An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42... High Unreviewed
CVE-2023-40265 was published Feb 9, 2024
October CMS Cross-site Scripting vulnerability High
CVE-2023-25365 was published for october/october (Composer) Feb 9, 2024
File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote... High Unreviewed
CVE-2024-24350 was published Feb 8, 2024
Unrestricted File Upload vulnerability in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to... High Unreviewed
CVE-2024-22515 was published Feb 6, 2024
The File Manager Pro plugin for WordPress is vulnerable to Arbitrary File Upload in all versions... High Unreviewed
CVE-2023-6846 was published Feb 6, 2024
The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2023-6925 was published Feb 6, 2024
The EditorsKit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2023-6635 was published Feb 6, 2024
mingSoft MCMS File Upload vulnerability High
CVE-2024-22567 was published for net.mingsoft:ms-mcms (Maven) Feb 5, 2024
A vulnerability was found in openBI up to 1.0.8. It has been classified as critical. Affected is... High Unreviewed
CVE-2024-1116 was published Jan 31, 2024
The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-1069 was published Jan 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database