GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
963 advisories
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability.
Critical | Unreviewed | CVE-2017-3108 was published May 17, 2022
A vulnerability, which was classified as critical, was found in Solare Solar-Log 2.8.4-56/3.5.2...
Critical | Unreviewed | CVE-2017-20021 was published Jun 10, 2022
Laiketui 3.5.0 is affected by an arbitrary file upload vulnerability that can allow an attacker...
Critical | Unreviewed | CVE-2021-40954 was published Jun 24, 2022
The d8s-algorithms package for Python, as distributed on PyPI, included a potential code...
Critical | Unreviewed | CVE-2022-42040 was published Oct 12, 2022
The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution...
Critical | Unreviewed | CVE-2022-42043 was published Oct 12, 2022
The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution...
Critical | Unreviewed | CVE-2022-42044 was published Oct 12, 2022
The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution...
Critical | Unreviewed | CVE-2022-42037 was published Oct 12, 2022
The d8s-lists package for Python, as distributed on PyPI, included a potential code-execution...
Critical | Unreviewed | CVE-2022-42039 was published Oct 12, 2022
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can...
Critical | Unreviewed | CVE-2021-42675 was published Jun 15, 2022
An arbitrary file upload vulnerability in /images/background/1.php of SolarView Compact 6.0...
Critical | Unreviewed | CVE-2022-31374 was published Jun 22, 2022
Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload...
Critical | Unreviewed | CVE-2021-40940 was published Jun 16, 2022
The d8s-file-system package for Python, as distributed on PyPI, included a potential code...
Critical | Unreviewed | CVE-2022-42041 was published Oct 12, 2022
The d8s-domains package for Python, as distributed on PyPI, included a potential code-execution...
Critical | Unreviewed | CVE-2022-41384 was published Oct 12, 2022
The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution...
Critical | Unreviewed | CVE-2022-42036 was published Oct 12, 2022
LRM does not restrict the types of files that can be uploaded to the affected product. A...
Critical | Unreviewed | CVE-2022-1519 was published Jun 25, 2022
IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote attacker to upload arbitrary...
Critical | Unreviewed | CVE-2021-38945 was published Jun 25, 2022
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4.
Critical | Unreviewed | CVE-2022-2128 was published Jun 21, 2022
The d8s-networking package for Python, as distributed on PyPI, included a potential code...
Critical | Unreviewed | CVE-2022-42042 was published Oct 12, 2022
The d8s-html package for Python, as distributed on PyPI, included a potential code-execution...
Critical | Unreviewed | CVE-2022-41385 was published Oct 12, 2022
The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution...
Critical | Unreviewed | CVE-2022-41386 was published Oct 12, 2022
The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code...
Critical | Unreviewed | CVE-2022-42038 was published Oct 12, 2022
Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on...
Critical | Unreviewed | CVE-2015-4455 was published May 17, 2022
The Free Booking Plugin for Hotels, Restaurant and Car Rental WordPress plugin before 1.1.16...
Critical | Unreviewed | CVE-2022-1952 was published Jul 12, 2022
In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an...
Critical | Unreviewed | CVE-2017-4990 was published May 17, 2022
Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the...
Critical | Unreviewed | CVE-2022-32994 was published Jun 28, 2022
ProTip! Advisories are also available from the GraphQL API.