Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

970 advisories

Loading
Remote file upload vulnerability in mailcwp v1.99 wordpress plugin Critical Unreviewed
CVE-2015-1000000 was published May 17, 2022
ZFile v4.1.1 was discovered to contain an arbitrary file upload vulnerability via the component ... Critical Unreviewed
CVE-2022-40050 was published Sep 27, 2022
Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote... Critical Unreviewed
CVE-2016-5050 was published May 17, 2022
Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to... Critical Unreviewed
CVE-2022-34613 was published Aug 3, 2022
Arbitrary file upload vulnerability in php uploader Critical Unreviewed
CVE-2022-40721 was published Oct 4, 2022
Hiby R3 PRO firmware v1.5 to v1.7 was discovered to contain a file upload vulnerability via the... Critical Unreviewed
CVE-2022-34496 was published Jul 30, 2022
A vulnerability has been found in SourceCodester Simple Online Book Store System and classified... Critical Unreviewed
CVE-2022-2746 was published Aug 12, 2022
A vulnerability was found in SourceCodester Company Website CMS and classified as critical.... Critical Unreviewed
CVE-2022-2751 was published Aug 12, 2022
A vulnerability, which was classified as critical, has been found in SourceCodester Gym... Critical Unreviewed
CVE-2022-2744 was published Aug 12, 2022
Remote file upload vulnerability in fast-image-adder v1.1 Wordpress plugin Critical Unreviewed
CVE-2015-1000001 was published May 17, 2022
A vulnerability, which was classified as critical, was found in SourceCodester Company Website... Critical Unreviewed
CVE-2022-2750 was published Aug 12, 2022
A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical... Critical Unreviewed
CVE-2022-2740 was published Aug 12, 2022
Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 does not validate the user-provided URL... Critical Unreviewed
CVE-2022-28369 was published Jul 15, 2022
A vulnerability was found in SourceCodester Company Website CMS. It has been classified as... Critical Unreviewed
CVE-2022-2736 was published Aug 12, 2022
An arbitrary file upload vulnerability in Dice v4.2.0 allows attackers to execute arbitrary code... Critical Unreviewed
CVE-2022-32413 was published Jul 6, 2022
Unrestricted Upload of File with Dangerous Type in MCMS Critical
CVE-2022-31943 was published for net.mingsoft:ms-mcms (Maven) Jul 2, 2022
Unrestricted File Upload exists in BigTree CMS through 4.2.18: if an attacker uploads an 'xxx.pht... Critical Unreviewed
CVE-2017-9364 was published May 17, 2022
Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php... Critical Unreviewed
CVE-2017-7695 was published May 17, 2022
The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution... Critical Unreviewed
CVE-2022-41387 was published Oct 12, 2022
File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure... Critical Unreviewed
CVE-2021-29281 was published Jul 8, 2022
Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the... Critical Unreviewed
CVE-2022-32994 was published Jun 28, 2022
In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an... Critical Unreviewed
CVE-2017-4990 was published May 17, 2022
The Free Booking Plugin for Hotels, Restaurant and Car Rental WordPress plugin before 1.1.16... Critical Unreviewed
CVE-2022-1952 was published Jul 12, 2022
Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on... Critical Unreviewed
CVE-2015-4455 was published May 17, 2022
The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code... Critical Unreviewed
CVE-2022-42038 was published Oct 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database