GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
28 advisories
kiwitcms vulnerable to stored XSS via unrestricted files upload
Moderate
CVE-2023-32686
was published
for
kiwitcms
(pip)
May 22, 2023
Kiwi TCMS's misconfigured HTTP headers allow stored XSS execution with Firefox
High
CVE-2023-36809
was published
for
kiwitcms
(pip)
Jul 5, 2023
kiwitcms vulnerable to stored cross-site scripting via unrestricted file upload
High
CVE-2023-33977
was published
for
kiwitcms
(pip)
Jun 6, 2023
pyLoad allows upload to arbitrary folder lead to RCE
Critical
CVE-2024-32880
was published
for
pyload-ng
(pip)
Apr 24, 2024
yt-dlp File system modification and RCE through improper file-extension sanitization
High
CVE-2024-38519
was published
for
yt-dlp
(pip)
Jul 2, 2024
Unrestricted file upload in kiwi TCMS
High
CVE-2023-30613
was published
for
kiwitcms
(pip)
Apr 24, 2023
youtube-dl vulnerable to file system modification and RCE through improper file-extension sanitization
High
GHSA-22fp-mf44-f2mq
was published
for
youtube-dl
(pip)
Apr 18, 2025
Gradio Allows Unauthorized File Copy via Path Manipulation
Moderate
CVE-2025-48889
was published
for
gradio
(pip)
May 29, 2025
ProTip!
Advisories are also available from the
GraphQL API