GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,503

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

948 advisories

Filter by severity

Sort by

Least recently updated

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write... High Unreviewed

CVE-2022-26627 was published Apr 8, 2022

An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver... High Unreviewed

CVE-2021-43430 was published Apr 8, 2022

eZiosuite v2.0.7 contains an authenticated arbitrary file upload via the Avatar upload... High Unreviewed

CVE-2022-26605 was published Apr 7, 2022

A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow... High Unreviewed

CVE-2022-26607 was published Apr 7, 2022

Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the... High Unreviewed

CVE-2022-26619 was published Apr 6, 2022

Jellycms v3.8.1 and below was discovered to contain an arbitrary file upload vulnerability via ... High Unreviewed

CVE-2022-26630 was published Apr 6, 2022

Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component... High Unreviewed

CVE-2022-28062 was published Apr 5, 2022

An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17 allows remote... High Unreviewed

CVE-2022-27249 was published Apr 5, 2022

An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0... High Unreviewed

CVE-2022-27435 was published Apr 5, 2022

The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the... High Unreviewed

CVE-2022-0537 was published Apr 5, 2022

The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the... High Unreviewed

CVE-2022-0403 was published Apr 5, 2022

An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed... High Unreviewed

CVE-2020-28062 was published Apr 5, 2022

A getfile function in MDT AutoSave versions prior to v6.02.06 enables a user to supply an... High Unreviewed

CVE-2021-32961 was published Apr 3, 2022

Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload... High Unreviewed

CVE-2022-23155 was published Apr 2, 2022

Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to... High Unreviewed

CVE-2022-28223 was published Mar 31, 2022

A File Upload vulnerability exists in bbs 5.3 is via TopicManageAction.java in a GetType function... High Unreviewed

CVE-2021-43100 was published Mar 30, 2022

A File Upload vulnerability exists in bbs 5.3 is via MembershipCardManageAction.java in a GetType... High Unreviewed

CVE-2021-43101 was published Mar 30, 2022

A File Upload vulnerability exists in bbs v5.3 via QuestionManageAction.java in a getType function. High Unreviewed

CVE-2021-43098 was published Mar 30, 2022

A File Upload vulnerability exists in bbs 5.3 is via HelpManageAction.java in a GetType function,... High Unreviewed

CVE-2021-43102 was published Mar 30, 2022

A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function... High Unreviewed

CVE-2021-43103 was published Mar 30, 2022

The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not... High Unreviewed

CVE-2021-40905 was published Mar 27, 2022

Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior... High Unreviewed

CVE-2022-1033 was published Mar 24, 2022

The PluginsUpload function in application/service/PluginsAdminService.php of ShopXO v1.9.0... High Unreviewed

CVE-2020-26008 was published Mar 22, 2022

An arbitrary file upload vulnerability in the upload payment plugin of ShopXO v1.9.0 allows... High Unreviewed

CVE-2020-26007 was published Mar 22, 2022

The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is... High Unreviewed

CVE-2022-0687 was published Mar 22, 2022

Previous 1 2 … 34 35 36 37 38 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

948 advisories