Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

904 advisories

Loading
An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows... Critical Unreviewed
CVE-2022-29353 was published May 17, 2022
An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for... Critical Unreviewed
CVE-2017-16949 was published May 14, 2022
Unrestricted file upload vulnerability in the Gravity Upload Ajax plugin 1.1 and earlier for... Critical Unreviewed
CVE-2014-4972 was published May 14, 2022
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as... Critical Unreviewed
CVE-2018-5724 was published May 14, 2022
In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution. Critical Unreviewed
CVE-2017-17976 was published May 14, 2022
A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console... Critical Unreviewed
CVE-2018-1342 was published May 14, 2022
Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view... Critical Unreviewed
CVE-2018-6580 was published May 14, 2022
install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers... Critical Unreviewed
CVE-2018-5749 was published May 14, 2022
Exponent CMS before 2.3.9 is vulnerable to an attacker uploading a malicious script file using... Critical Unreviewed
CVE-2016-7095 was published May 14, 2022
Arbitrary File Upload exists in the Proclaim 9.1.1 component for Joomla! via a mediafileform action. Critical Unreviewed
CVE-2018-7316 was published May 14, 2022
An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded... Critical Unreviewed
CVE-2018-7665 was published May 14, 2022
Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to... Critical Unreviewed
CVE-2014-2592 was published May 14, 2022
joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in... Critical Unreviewed
CVE-2018-8766 was published May 14, 2022
An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension validation. Critical Unreviewed
CVE-2014-4912 was published May 14, 2022
PHPOK 4.8.338 has an arbitrary file upload vulnerability. Critical Unreviewed
CVE-2018-8944 was published May 14, 2022
In Docker Notary before 0.1, the checkRoot function in gotuf/client/client.go does not check... Critical Unreviewed
CVE-2015-9259 was published May 14, 2022
import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via... Critical Unreviewed
CVE-2017-9101 was published May 14, 2022
b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and execute arbitrary JSP files... Critical Unreviewed
CVE-2018-10469 was published May 14, 2022
A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2,... Critical Unreviewed
CVE-2018-10375 was published May 14, 2022
Unrestricted file upload vulnerability in ui/artifact/upload in JFrog Artifactory before 4.16... Critical Unreviewed
CVE-2016-10036 was published May 14, 2022
modules/attributewizardpro/file_upload.php in the Attribute Wizard addon 1.6.9 for PrestaShop 1.4... Critical Unreviewed
CVE-2018-10942 was published May 14, 2022
An issue was discovered in Pluck before 4.7.6. Remote PHP code execution is possible because the... Critical Unreviewed
CVE-2018-11331 was published May 14, 2022
There are Unauthenticated File Upload Vulnerabilities in Citrix XenMobile Server 10.8 before RP2... Critical Unreviewed
CVE-2018-10648 was published May 14, 2022
upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files. Critical Unreviewed
CVE-2018-11523 was published May 14, 2022
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert... Critical Unreviewed
CVE-2018-12051 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database