Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,474 advisories

Loading
A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows... Critical Unreviewed
CVE-2022-26645 was published Apr 1, 2022
Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component... High Unreviewed
CVE-2022-28062 was published Apr 5, 2022
The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the... High Unreviewed
CVE-2022-0403 was published Apr 5, 2022
File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *... Critical Unreviewed
CVE-2021-28428 was published Apr 6, 2022
Unrestricted Upload of File with Dangerous Type in WPanel 4 High
CVE-2021-34257 was published for wpanel/wpanel4-cms (Composer) Apr 1, 2022
An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed... High Unreviewed
CVE-2020-28062 was published Apr 5, 2022
Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type... Critical Unreviewed
CVE-2022-24136 was published Apr 1, 2022
A getfile function in MDT AutoSave versions prior to v6.02.06 enables a user to supply an... High Unreviewed
CVE-2021-32961 was published Apr 3, 2022
Jellycms v3.8.1 and below was discovered to contain an arbitrary file upload vulnerability via ... High Unreviewed
CVE-2022-26630 was published Apr 6, 2022
An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0... High Unreviewed
CVE-2022-27435 was published Apr 5, 2022
eZiosuite v2.0.7 contains an authenticated arbitrary file upload via the Avatar upload... High Unreviewed
CVE-2022-26605 was published Apr 7, 2022
An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver... High Unreviewed
CVE-2021-43430 was published Apr 8, 2022
Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via ... High Unreviewed
CVE-2022-27346 was published Apr 9, 2022
Simple House Rental System v1 was discovered to contain an arbitrary file upload vulnerability... High Unreviewed
CVE-2022-27352 was published Apr 9, 2022
Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via... High Unreviewed
CVE-2022-27349 was published Apr 9, 2022
RiteCMS version 3.1.0 and below suffers from a remote code execution vulnerability in the admin... High Unreviewed
CVE-2021-46367 was published Apr 9, 2022
Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the... High Unreviewed
CVE-2022-26619 was published Apr 6, 2022
A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow... High Unreviewed
CVE-2022-26607 was published Apr 7, 2022
An arbitrary file upload vulnerability at /zbzedit/php/zbz.php in zbzcms v1.0 allows attackers to... Critical Unreviewed
CVE-2022-27131 was published Apr 11, 2022
The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the... High Unreviewed
CVE-2022-0537 was published Apr 5, 2022
An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17 allows remote... High Unreviewed
CVE-2022-27249 was published Apr 5, 2022
Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload via the Upload function at ... Critical Unreviewed
CVE-2022-27477 was published Apr 11, 2022
Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via ... Critical Unreviewed
CVE-2022-27357 was published Apr 9, 2022
mogu_blog_cms 5.2 suffers from upload arbitrary files without any limitation. Critical Unreviewed
CVE-2022-27047 was published Apr 9, 2022
An arbitrary file upload vulnerability at /admin/ajax.php in zbzcms v1.0 allows attackers to... Critical Unreviewed
CVE-2022-27129 was published Apr 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database