GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,026 advisories
Contao affected by remote command execution through file upload
High
CVE-2024-45398 was published for contao/core-bundle (Composer) Sep 17, 2024

Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.
High
CVE-2021-40324 was published for cobbler (pip) Oct 5, 2021

An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows...
High
Unreviewed
CVE-2024-44871 was published Sep 10, 2024

SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload...
High
Unreviewed
CVE-2024-8232 was published Sep 10, 2024

The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin...
High
Unreviewed
CVE-2024-7770 was published Sep 10, 2024

A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient...
High
Unreviewed
CVE-2022-2297 was published Jul 13, 2022

File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting...
High
Unreviewed
CVE-2024-31680 was published Apr 17, 2024

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user...
High
Unreviewed
CVE-2024-45171 was published Sep 5, 2024

MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution.
High
Unreviewed
CVE-2024-42991 was published Sep 3, 2024

6SHR system from Gether Technology does not properly validate uploaded file types, allowing...
High
Unreviewed
CVE-2024-8330 was published Aug 30, 2024

greykite v1.0.0 was discovered to contain an arbitrary file upload vulnerability in the load_obj...
High
Unreviewed
CVE-2024-28425 was published Mar 14, 2024

File Upload vulnerability in pmb/camera_upload.php in PMB 7.4.7 and earlier allows attackers to...
High
Unreviewed
CVE-2023-52154 was published Feb 22, 2024

Dell RecoverPoint for Virtual Machines 5.3.x contains an OS Command injection vulnerability. An...
High
Unreviewed
CVE-2024-22426 was published Feb 16, 2024

File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated attackers to execute...
High
Unreviewed
CVE-2024-29514 was published Apr 2, 2024

Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service...
High
Unreviewed
CVE-2023-5524 was published Oct 20, 2023

The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High
Unreviewed
CVE-2024-6311 was published Aug 28, 2024

A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application...
High
Unreviewed
CVE-2024-27283 was published Feb 22, 2024

File Upload vulnerability in Byzro Network Smart s42 Management Platform v.S42 allows a local...
High
Unreviewed
CVE-2024-27733 was published Mar 7, 2024

A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™...
High
Unreviewed
CVE-2024-7987 was published Aug 26, 2024

An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a...
High
Unreviewed
CVE-2024-22060 was published May 31, 2024

publiccms V4.0.202302.e and before is vulnerable to Any File Upload via publiccms/admin...
High
Unreviewed
CVE-2024-42523 was published Aug 23, 2024

A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online...
High
Unreviewed
CVE-2024-6114 was published Jun 18, 2024

A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation...
High
Unreviewed
CVE-2024-6115 was published Jun 18, 2024

A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online...
High
Unreviewed
CVE-2024-6116 was published Jun 18, 2024

Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin...
High
Unreviewed
CVE-2024-42767 was published Aug 22, 2024
ProTip! Advisories are also available from the GraphQL API.