Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

963 advisories

Loading
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to... Critical Unreviewed
CVE-2022-40981 was published Nov 11, 2022
An arbitrary file upload vulnerability in the component /pages/save_user.php of Canteen... Critical Unreviewed
CVE-2022-43265 was published Nov 16, 2022
Baijicms v4 was discovered to contain an arbitrary file upload vulnerability. Critical Unreviewed
CVE-2022-35150 was published Aug 23, 2022
Linear eMerge E3-Series devices allow Unrestricted File Upload. Critical Unreviewed
CVE-2019-7257 was published May 24, 2022
Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE)... Critical Unreviewed
CVE-2022-30887 was published May 21, 2022
Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary file upload vulnerability. Critical Unreviewed
CVE-2022-28104 was published May 21, 2022
A remote code execution (RCE) vulnerability in Subconverter v0.7.2 allows attackers to execute... Critical Unreviewed
CVE-2022-28927 was published May 20, 2022
Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root. Critical Unreviewed
CVE-2019-7274 was published May 24, 2022
Linear eMerge 50P/5000P devices allow Unauthenticated File Upload. Critical Unreviewed
CVE-2019-7268 was published May 24, 2022
An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an... Critical Unreviewed
CVE-2019-9642 was published May 24, 2022
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been declared... Critical Unreviewed
CVE-2023-0257 was published Jan 13, 2023
A vulnerability classified as critical was found in SourceCodester Gas Agency Management System.... Critical Unreviewed
CVE-2022-2779 was published Aug 13, 2022
A vulnerability was found in SourceCodester Zoo Management System. It has been classified as... Critical Unreviewed
CVE-2022-2804 was published Aug 13, 2022
The GREYD.SUITE WordPress theme does not properly validate uploaded custom font packages, and... Critical Unreviewed
CVE-2022-2180 was published Aug 16, 2022
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated... Critical Unreviewed
CVE-2019-15130 was published May 24, 2022
The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload. Critical Unreviewed
CVE-2015-9471 was published May 24, 2022
AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php Critical Unreviewed
CVE-2022-46102 was published Dec 22, 2022
An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows... Critical Unreviewed
CVE-2022-43234 was published Nov 16, 2022
An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1... Critical Unreviewed
CVE-2020-13774 was published May 24, 2022
SourceCodester Online Clothing Store 1.0 is affected by an arbitrary file upload via the image... Critical Unreviewed
CVE-2020-28140 was published May 24, 2022
An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management... Critical Unreviewed
CVE-2020-27956 was published May 24, 2022
An unrestricted file upload vulnerability was discovered in the Microweber 1.1.18 admin account... Critical Unreviewed
CVE-2020-23138 was published May 24, 2022
An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library... Critical Unreviewed
CVE-2020-28130 was published May 24, 2022
An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions... Critical Unreviewed
CVE-2020-26553 was published May 24, 2022
File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this... Critical Unreviewed
CVE-2020-25537 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database