GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
October allows an admin account to upload PDF containing malicious JavaScript
Low
CVE-2024-45962
was published
for
october/october
(Composer)
Oct 2, 2024
Zenario allows authenticated admin users to upload PDF files containing malicious code
Low
CVE-2024-45960
was published
for
tribalsystems/zenario
(Composer)
Oct 2, 2024
LibreNMS vulnerable to Stored Cross-site Scripting via File Upload
Low
CVE-2024-47528
was published
for
librenms/librenms
(Composer)
Oct 1, 2024
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload...
Low
Unreviewed
CVE-2024-41731
was published
Aug 13, 2024
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload...
Low
Unreviewed
CVE-2024-28166
was published
Aug 13, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11...
Low
Unreviewed
CVE-2024-6595
was published
Jul 17, 2024
Due to missing verification of file type or
content, SAP Enable Now allows an authenticated...
Low
Unreviewed
CVE-2024-34692
was published
Jul 9, 2024
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow an authenticated user to upload...
Low
Unreviewed
CVE-2023-47711
was published
May 14, 2024
An undisclosed issue in Trusteer iOS SDK for mobile versions prior to 5.7 and Trusteer Android...
Low
Unreviewed
CVE-2022-42443
was published
Feb 17, 2024
Jenkins temporary uploaded file created with insecure permissions
Low
CVE-2023-43497
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Sep 20, 2023
A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected...
Low
Unreviewed
CVE-2023-3800
was published
Jul 21, 2023
OctoPrint vulnerable to Unrestricted Upload of File with Dangerous Type
Low
CVE-2022-2872
was published
for
OctoPrint
(pip)
Sep 22, 2022
IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious...
Low
Unreviewed
CVE-2022-22450
was published
Jul 15, 2022
ProTip!
Advisories are also available from the
GraphQL API