GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
953 advisories
Filter by severity
The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due...
High
Unreviewed
CVE-2024-8066
was published
Nov 28, 2024
An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows attackers to execute...
High
Unreviewed
CVE-2024-51364
was published
Nov 21, 2024
The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to Stored...
High
Unreviewed
CVE-2024-9504
was published
Nov 26, 2024
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file...
High
Unreviewed
CVE-2024-9660
was published
Nov 23, 2024
File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0...
High
Unreviewed
CVE-2024-51208
was published
Nov 20, 2024
File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows...
High
Unreviewed
CVE-2024-42676
was published
Aug 15, 2024
The 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin plugin for...
High
Unreviewed
CVE-2024-9849
was published
Nov 16, 2024
parisneo/lollms-webui version 9.6 is vulnerable to Cross-Site Scripting (XSS) and Open Redirect...
High
Unreviewed
CVE-2024-5125
was published
Nov 14, 2024
File Upload vulnerability in Laravel CMS v.1.4.7 and before allows a remote attacker to execute...
High
Unreviewed
CVE-2024-51152
was published
Nov 8, 2024
Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote...
High
Unreviewed
CVE-2024-11017
was published
Nov 11, 2024
Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with...
High
Unreviewed
CVE-2024-32254
was published
Apr 16, 2024
*Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/{InternalPath} in SAS...
High
Unreviewed
CVE-2024-48734
was published
Oct 30, 2024
An Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized...
High
Unreviewed
CVE-2024-48646
was published
Oct 30, 2024
Unrestricted File Upload in the Discussions tab in Operately v.0.1.0 allows a privileged user to...
High
Unreviewed
CVE-2024-48093
was published
Oct 30, 2024
File Upload vulnerability in Prison Management System v.1.0 allows a remote attacker to execute...
High
Unreviewed
CVE-2024-48594
was published
Oct 28, 2024
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-7985
was published
Oct 29, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
High
Unreviewed
CVE-2024-45263
was published
Oct 24, 2024
An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to...
High
Unreviewed
CVE-2024-48454
was published
Oct 24, 2024
An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution...
High
Unreviewed
CVE-2024-46482
was published
Oct 23, 2024
Administrative Management System from Wellchoose does not properly validate uploaded file types,...
High
Unreviewed
CVE-2024-10201
was published
Oct 21, 2024
The affected product is vulnerable to unrestricted file uploads, which may allow an attacker to...
High
Unreviewed
CVE-2024-49398
was published
Oct 17, 2024
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing...
High
Unreviewed
CVE-2024-9981
was published
Oct 15, 2024
This vulnerability exists in the Shilpi Client Dashboard due to improper validation of files...
High
Unreviewed
CVE-2024-47655
was published
Oct 4, 2024
With administrator or admin privileges the application can be tricked into overwriting files in...
High
Unreviewed
CVE-2022-24387
was published
Mar 15, 2022
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file...
High
Unreviewed
CVE-2020-36842
was published
Oct 16, 2024
ProTip!
Advisories are also available from the
GraphQL API