GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,329
Composer 4,361
Erlang 33
GitHub Actions 22
Go 2,127
Maven 5,308
npm 3,794
NuGet 685
pip 3,473
Pub 12
RubyGems 894
Rust 894
Swift 38

Unreviewed advisories

All unreviewed 244,991

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,606 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component... Moderate Unreviewed

CVE-2024-55514 was published Dec 17, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows... Critical Unreviewed

CVE-2024-54285 was published Dec 16, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in SuitePlugins Video & Photo... Critical Unreviewed

CVE-2024-54370 was published Dec 16, 2024

The Crafthemes Demo Import plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2024-9698 was published Dec 14, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Siddharth Nagar Import Export... Critical Unreviewed

CVE-2024-54262 was published Dec 13, 2024

The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary... Critical Unreviewed

CVE-2024-9290 was published Dec 13, 2024

The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-12042 was published Dec 13, 2024

The Opt-In Downloads plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2024-10590 was published Dec 12, 2024

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2,... Moderate Unreviewed

CVE-2024-44220 was published Dec 12, 2024

Apache Struts file upload logic is flawed Critical

CVE-2024-53677 was published for org.apache.struts:struts2-core (Maven) Dec 11, 2024

If the attacker has access to a valid Poweruser session, remote code execution is possible... High Unreviewed

CVE-2024-47946 was published Dec 10, 2024

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload... High Unreviewed

CVE-2024-50625 was published Dec 10, 2024

Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File... Critical Unreviewed

CVE-2024-54918 was published Dec 9, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium... Critical Unreviewed

CVE-2024-53822 was published Dec 9, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Revy allows Upload a... Critical Unreviewed

CVE-2024-54214 was published Dec 6, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit allows... Moderate Unreviewed

CVE-2024-53811 was published Dec 6, 2024

The Pubnews theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due... High Unreviewed

CVE-2024-10578 was published Dec 6, 2024

A vulnerability was found in code-projects Online Notice Board up to 1.0 and classified as... Moderate Unreviewed

CVE-2024-12233 was published Dec 5, 2024

Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ... High Unreviewed

CVE-2024-51548 was published Dec 5, 2024

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions... Critical Unreviewed

CVE-2024-40744 was published Dec 4, 2024

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of... High Unreviewed

CVE-2024-46625 was published Dec 4, 2024

Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders High

CVE-2024-53863 was published for matrix-synapse (pip) Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 is vulnerable to malicious file upload by... Moderate Unreviewed

CVE-2024-25020 was published Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not... High Unreviewed

CVE-2024-40691 was published Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not... Moderate Unreviewed

CVE-2024-25019 was published Dec 3, 2024

Previous 1 2 3 4 5 6 … 104 105 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,606 advisories