GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
158 advisories
Admidio Vulnerable to RCE via Arbitrary File Upload in Message Attachment
Critical
CVE-2024-38529
was published
for
admidio/admidio
(Composer)
Jul 29, 2024
Automad arbitrary file upload vulnerability
High
CVE-2024-40400
was published
for
automad/automad
(Composer)
Jul 19, 2024
Duplicate Advisory: aimeos-core arbitrary file upload vulnerability
High
CVE-2024-36811
was published
for
aimeos/aimeos-core
(Composer)
Jun 7, 2024
•
withdrawn
phpMyFAQ's File Upload Bypass at Category Image Leads to RCE
High
CVE-2024-28105
was published
for
phpmyfaq/phpmyfaq
(Composer)
Mar 25, 2024
Remote Code Execution by uploading a phar file using frontmatter
Critical
CVE-2024-27923
was published
for
getgrav/grav
(Composer)
Mar 6, 2024
Withdrawn Advisory: Unrestricted File Upload affecting automad
Moderate
CVE-2023-7036
was published
for
automad/automad
(Composer)
Dec 21, 2023
•
withdrawn
Statamic CMS vulnerable to remote code execution via form uploads
High
CVE-2023-48217
was published
for
statamic/cms
(Composer)
Nov 14, 2023
Statamic CMS remote code execution via front-end form uploads
High
CVE-2023-47129
was published
for
statamic/cms
(Composer)
Nov 12, 2023
ProTip!
Advisories are also available from the
GraphQL API