GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
769 advisories
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical | Unreviewed | CVE-2024-46377 was published Sep 18, 2024
An unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online...
Critical | Unreviewed | CVE-2024-27115 was published Sep 11, 2024
Dr.ID Access Control System from SECOM does not properly validate a specific page parameter,...
Critical | Unreviewed | CVE-2024-7732 was published Aug 14, 2024
A vulnerability was found in FastCMS 0.1.0. It has been classified as critical. Affected is an...
Critical | Unreviewed | CVE-2023-0651 was published Feb 2, 2023
TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the...
Critical | Unreviewed | CVE-2023-51034 was published Dec 22, 2023
Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in...
Critical | Unreviewed | CVE-2024-44849 was published Sep 9, 2024
File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary...
Critical | Unreviewed | CVE-2024-31777 was published Jun 14, 2024
File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of...
Critical | Unreviewed | CVE-2024-8463 was published Sep 5, 2024
IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute...
Critical | Unreviewed | CVE-2024-45076 was published Sep 4, 2024
An Unrestricted upload of file with dangerous type vulnerability in meeting management function in...
Critical | Unreviewed | CVE-2024-6117 was published Aug 5, 2024
An issue in Timo v.2.0.3 allows a remote attacker to execute arbitrary code via the filetype...
Critical | Unreviewed | CVE-2024-22824 was published Feb 20, 2024
File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute...
Critical | Unreviewed | CVE-2024-27747 was published Mar 2, 2024
OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the...
Critical | Unreviewed | CVE-2023-48031 was published Nov 17, 2023
An arbitrary file upload vulnerability in the component /sysFile/upload of Novel-Plus v4.3.0-RC1...
Critical | Unreviewed | CVE-2024-25274 was published Feb 20, 2024
Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the...
Critical | Unreviewed | CVE-2024-28423 was published Mar 14, 2024
An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted...
Critical | Unreviewed | CVE-2024-28713 was published Mar 28, 2024
An arbitrary file upload vulnerability in the Update/Edit Student's Profile Picture function of...
Critical | Unreviewed | CVE-2023-41506 was published Feb 27, 2024
File Upload vulnerability in magicflue v.7.0 and before allows a remote attacker to execute...
Critical | Unreviewed | CVE-2024-28441 was published Mar 22, 2024
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=signup" of...
Critical | Unreviewed | CVE-2024-42777 was published Aug 21, 2024
An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary...
Critical | Unreviewed | CVE-2024-42563 was published Aug 20, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows...
Critical | Unreviewed | CVE-2024-43249 was published Aug 19, 2024
Arbitrary File Upload vulnerability in MegaBIP software allows attacker to upload any file to the...
Critical | Unreviewed | CVE-2024-1659 was published Jun 12, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
Critical | Unreviewed | CVE-2024-39397 was published Aug 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in BerqWP allows Code Injection...
Critical | Unreviewed | CVE-2024-43160 was published Aug 13, 2024
An arbitrary file upload vulnerability in /fileupload/upload.cfm in Daemon PTY Limited FarCry...
Critical | Unreviewed | CVE-2024-35527 was published Jun 26, 2024
ProTip! Advisories are also available from the GraphQL API.