GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
Unrestricted Upload of File with Dangerous Type in blueimp-file-upload
Critical
CVE-2018-9206
was published
for
blueimp-file-upload
(npm)
Oct 22, 2018
Unrestricted Upload of File with Dangerous Type in jquery-file-upload
Critical
CVE-2018-9207
was published
for
jquery-file-upload
(npm)
Dec 19, 2018
Unrestricted Upload of File with Dangerous Type in Strapi
Critical
CVE-2022-27263
was published
for
strapi
(npm)
Apr 13, 2022
Unrestricted Upload of File with Dangerous Type in ButterCMS
Critical
CVE-2022-27260
was published
for
buttercms
(npm)
Apr 13, 2022
Unrestricted Upload of File with Dangerous Type in Payload
Critical
CVE-2022-27952
was published
for
payload
(npm)
Apr 13, 2022
Formidable arbitrary file upload
Critical
CVE-2022-29622
was published
for
formidable
(npm)
May 17, 2022
•
withdrawn
Withdrawn: Code execution via SVG file upload in tiddlywiki
Critical
CVE-2022-29351
was published
for
tiddlywiki
(npm)
May 17, 2022
•
withdrawn
Jan path traversal vulnerability
Critical
CVE-2024-36858
was published
for
@janhq/core
(npm)
Jun 4, 2024
Jan path traversal vulnerability
Critical
CVE-2024-37273
was published
for
@janhq/core
(npm)
Jun 4, 2024
angular-base64-upload vulnerable to unauthenticated remote code execution
Critical
CVE-2024-42640
was published
for
angular-base64-upload
(npm)
Oct 11, 2024
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal
Critical
CVE-2024-47169
was published
for
agnai
(npm)
Sep 26, 2024
ProTip!
Advisories are also available from the
GraphQL API