Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,086 advisories

Loading
File Upload vulnerability in JIZHICMS v.2.5, allows remote attacker to execute arbitrary code via... High Unreviewed
CVE-2023-50692 was published Dec 28, 2023
The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions... High Unreviewed
CVE-2023-5673 was published Dec 26, 2023
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not... High Unreviewed
CVE-2023-5931 was published Dec 26, 2023
IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused... High Unreviewed
CVE-2023-42017 was published Dec 22, 2023
Unrestricted Upload of File with Dangerous Type vulnerability in ThemePunch OHG Slider Revolution... High Unreviewed
CVE-2023-47784 was published Dec 20, 2023
MLflow Path Traversal Vulnerability High
CVE-2023-6976 was published for mlflow (pip) Dec 20, 2023
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4... High Unreviewed
CVE-2023-46263 was published Dec 19, 2023
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4... High Unreviewed
CVE-2023-46264 was published Dec 19, 2023
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload... High Unreviewed
CVE-2023-4311 was published Dec 18, 2023
Kaifa Technology WebITR is an online attendance system, its file uploading function does not... High Unreviewed
CVE-2023-48394 was published Dec 15, 2023
The E2Pdf plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file... High Unreviewed
CVE-2023-6826 was published Dec 15, 2023
The Essential Real Estate plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2023-6827 was published Dec 15, 2023
An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4... High Unreviewed
CVE-2023-50564 was published Dec 14, 2023
AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a... High Unreviewed
CVE-2023-39538 was published Dec 6, 2023
AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a... High Unreviewed
CVE-2023-39539 was published Dec 6, 2023
The ACEManager component of ALEOS 4.16 and earlier does not validate uploaded file... High Unreviewed
CVE-2023-40460 was published Dec 5, 2023
The Welcart e-Commerce WordPress plugin before 2.9.5 does not validate files to be uploaded, as... High Unreviewed
CVE-2023-5953 was published Dec 5, 2023
An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to... High Unreviewed
CVE-2023-48965 was published Dec 4, 2023
ThinkAdmin arbitrary file upload vulnerability High
CVE-2023-48966 was published for zoujingli/thinkadmin (Composer) Dec 4, 2023
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal... High Unreviewed
CVE-2023-5637 was published Dec 1, 2023
Microweber file upload vulnerability High
CVE-2023-49052 was published for microweber/microweber (Composer) Nov 30, 2023
Unrestricted file upload in `/main/inc/ajax/dropbox.ajax.php` in Chamilo LMS <= v1.11.24 allows... High Unreviewed
CVE-2023-4224 was published Nov 28, 2023
Unrestricted file upload in `/main/inc/ajax/exercise.ajax.php` in Chamilo LMS <= v1.11.24 allows... High Unreviewed
CVE-2023-4225 was published Nov 28, 2023
Unrestricted file upload in `/main/inc/ajax/work.ajax.php` in Chamilo LMS <= v1.11.24 allows... High Unreviewed
CVE-2023-4226 was published Nov 28, 2023
Unrestricted file upload in `/main/inc/ajax/document.ajax.php` in Chamilo LMS <= v1.11.24 allows... High Unreviewed
CVE-2023-4223 was published Nov 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database