GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,470 advisories
Filter by severity
here is an arbitrary file upload vulnerability in the file management function module of...
Critical
Unreviewed
CVE-2022-45966
was published
Dec 22, 2022
Online Project Time Management System v1.0 was discovered to contain an arbitrary file write...
High
Unreviewed
CVE-2022-26627
was published
Apr 8, 2022
Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.
Moderate
Unreviewed
CVE-2022-1045
was published
Apr 12, 2022
Unrestricted Upload of File with Dangerous Type in Strapi
Critical
CVE-2022-27263
was published
for
strapi
(npm)
Apr 13, 2022
Musical World v1 was discovered to contain an arbitrary file upload vulnerability via...
High
Unreviewed
CVE-2022-27064
was published
Apr 9, 2022
Zoo Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via ...
Critical
Unreviewed
CVE-2022-27351
was published
Apr 9, 2022
AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the Post...
High
Unreviewed
CVE-2022-27061
was published
Apr 9, 2022
An arbitrary file upload vulnerability in the file upload module of Skipper v0.9.1 allows...
Critical
Unreviewed
CVE-2022-27262
was published
Apr 13, 2022
The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file,...
High
Unreviewed
CVE-2022-1008
was published
Apr 12, 2022
Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This...
Critical
Unreviewed
CVE-2022-1345
was published
Apr 14, 2022
Unrestricted Upload of File with Dangerous Type in ButterCMS
Critical
CVE-2022-27260
was published
for
buttercms
(npm)
Apr 13, 2022
Unrestricted Upload of File with Dangerous Type in Payload
Critical
CVE-2022-27952
was published
for
payload
(npm)
Apr 13, 2022
Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5...
Critical
Unreviewed
CVE-2022-27862
was published
Apr 20, 2022
Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the...
Critical
Unreviewed
CVE-2010-1433
was published
Apr 21, 2022
An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code...
High
Unreviewed
CVE-2022-28440
was published
Apr 22, 2022
Victor v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the...
High
Unreviewed
CVE-2022-27478
was published
Apr 22, 2022
Arbitrary command execution in Minidoc
High
CVE-2022-29637
was published
for
github.com/mindoc-org/mindoc
(Go)
May 27, 2022
JFinal file validation vulnerability
High
CVE-2019-17352
was published
for
com.jfinal:jfinal
(Maven)
May 25, 2022
Arbitrary file upload in ShopXO
High
CVE-2021-41938
was published
for
shopxo/shopxo
(Composer)
May 20, 2022
IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not...
High
Unreviewed
CVE-2021-39040
was published
Apr 26, 2022
IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files...
High
Unreviewed
CVE-2022-22392
was published
Apr 26, 2022
Prima Systems FlexAir devices allow Unauthenticated Command Injection resulting in Root Remote...
Critical
Unreviewed
CVE-2019-7669
was published
May 24, 2022
Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE)...
Critical
Unreviewed
CVE-2022-28021
was published
Apr 22, 2022
The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users,...
High
Unreviewed
CVE-2021-4225
was published
Apr 26, 2022
ProTip!
Advisories are also available from the
GraphQL API