Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,026 advisories

Loading
Contao affected by remote command execution through file upload High
CVE-2024-45398 was published for contao/core-bundle (Composer) Sep 17, 2024
usdResponsibleDisclosure
Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data. High
CVE-2021-40324 was published for cobbler (pip) Oct 5, 2021
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows... High Unreviewed
CVE-2024-44871 was published Sep 10, 2024
SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload... High Unreviewed
CVE-2024-8232 was published Sep 10, 2024
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin... High Unreviewed
CVE-2024-7770 was published Sep 10, 2024
A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient... High Unreviewed
CVE-2022-2297 was published Jul 13, 2022
File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting... High Unreviewed
CVE-2024-31680 was published Apr 17, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user... High Unreviewed
CVE-2024-45171 was published Sep 5, 2024
MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution. High Unreviewed
CVE-2024-42991 was published Sep 3, 2024
6SHR system from Gether Technology does not properly validate uploaded file types, allowing... High Unreviewed
CVE-2024-8330 was published Aug 30, 2024
greykite v1.0.0 was discovered to contain an arbitrary file upload vulnerability in the load_obj... High Unreviewed
CVE-2024-28425 was published Mar 14, 2024
File Upload vulnerability in pmb/camera_upload.php in PMB 7.4.7 and earlier allows attackers to... High Unreviewed
CVE-2023-52154 was published Feb 22, 2024
Dell RecoverPoint for Virtual Machines 5.3.x contains an OS Command injection vulnerability. An... High Unreviewed
CVE-2024-22426 was published Feb 16, 2024
File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated attackers to execute... High Unreviewed
CVE-2024-29514 was published Apr 2, 2024
Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service... High Unreviewed
CVE-2023-5524 was published Oct 20, 2023
The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2024-6311 was published Aug 28, 2024
A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application... High Unreviewed
CVE-2024-27283 was published Feb 22, 2024
File Upload vulnerability in Byzro Network Smart s42 Management Platform v.S42 allows a local... High Unreviewed
CVE-2024-27733 was published Mar 7, 2024
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™... High Unreviewed
CVE-2024-7987 was published Aug 26, 2024
An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a... High Unreviewed
CVE-2024-22060 was published May 31, 2024
publiccms V4.0.202302.e and before is vulnerable to Any File Upload via publiccms/admin... High Unreviewed
CVE-2024-42523 was published Aug 23, 2024
A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online... High Unreviewed
CVE-2024-6114 was published Jun 18, 2024
A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation... High Unreviewed
CVE-2024-6115 was published Jun 18, 2024
A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online... High Unreviewed
CVE-2024-6116 was published Jun 18, 2024
Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin... High Unreviewed
CVE-2024-42767 was published Aug 22, 2024
ProTip! Advisories are also available from the GraphQL API