Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,470 advisories

Loading
RSA Archer 6.8.00500.1003 P5 allows Unrestricted Upload of a File with a Dangerous Type. High Unreviewed
CVE-2021-33615 was published Jun 3, 2022
An arbitrary file upload vulnerability in the Add File function of TPCMS v3.2 allows attackers to... High Unreviewed
CVE-2022-29624 was published Jun 3, 2022
elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/manage_uploads.php. Critical Unreviewed
CVE-2022-30808 was published Jun 3, 2022
NetScout nGeniusONE 6.3.2 allows Arbitrary File Upload by a privileged user. High Unreviewed
CVE-2021-45982 was published Jun 3, 2022
Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via car-rental... Critical Unreviewed
CVE-2022-32019 was published Jun 3, 2022
Emlog Pro 1.6.0 plugins upload suffers from a remote code execution (RCE) vulnerability. High Unreviewed
CVE-2022-42189 was published Oct 21, 2022
An arbitrary file upload in the image upload component of wityCMS v0.6.2 allows attackers to... High Unreviewed
CVE-2022-29725 was published Jun 3, 2022
Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in... Critical Unreviewed
CVE-2022-30423 was published Jun 3, 2022
In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture... High Unreviewed
CVE-2022-30819 was published Jun 3, 2022
The file upload function of Agentflow BPM has insufficient filtering for special characters in... Critical Unreviewed
CVE-2022-39036 was published Nov 10, 2022
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability. Critical Unreviewed
CVE-2017-3108 was published May 17, 2022
FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File... High Unreviewed
CVE-2022-30860 was published Jun 7, 2022
In Wedding Management System v1.0, the editing function of the "Services" module in the... High Unreviewed
CVE-2022-30821 was published Jun 3, 2022
In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload... High Unreviewed
CVE-2022-30820 was published Jun 3, 2022
The file_manager component in eFront CMS before 3.6.15.5 allows remote authenticated users to... Moderate Unreviewed
CVE-2015-4463 was published May 17, 2022
IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that... High Unreviewed
CVE-2021-29907 was published May 24, 2022
A vulnerability, which was classified as critical, was found in Solare Solar-Log 2.8.4-56/3.5.2... Critical Unreviewed
CVE-2017-20021 was published Jun 10, 2022
In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary... High Unreviewed
CVE-2017-11756 was published May 17, 2022
Absolute path traversal vulnerability in the file_manager component of eFront CMS before 3.6.15.5... Moderate Unreviewed
CVE-2015-4462 was published May 17, 2022
Unrestricted Attachment Upload High
CVE-2022-2111 was published for inventree (pip) Jun 17, 2022
saharshtapi
Unrestricted Upload of File with Dangerous Type in Elefant CMS High
CVE-2017-20063 was published for elefant/cms (Composer) Jun 21, 2022
The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon... High Unreviewed
CVE-2022-0863 was published Jun 14, 2022
itsourcecode Advanced School Management System v1.0 is vulnerable to Arbitrary code execution via... High Unreviewed
CVE-2022-32433 was published Jun 16, 2022
Arbitrary file upload vulnerability in com/dotmarketing/servlets/AjaxFileUploadServlet.class in... High Unreviewed
CVE-2017-11466 was published May 17, 2022
In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated... High Unreviewed
CVE-2013-1916 was published Jun 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database