Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,474 advisories

Loading
An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2... Critical Unreviewed
CVE-2022-23880 was published Mar 24, 2022
The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads... Critical Unreviewed
CVE-2022-0888 was published Mar 24, 2022
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7... Critical Unreviewed
CVE-2022-22952 was published Mar 24, 2022
GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup... Critical Unreviewed
CVE-2021-27428 was published Mar 24, 2022
Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior... High Unreviewed
CVE-2022-1033 was published Mar 24, 2022
The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not... High Unreviewed
CVE-2021-40905 was published Mar 27, 2022
Unrestricted Upload of File with Dangerous Type in Gogs High
CVE-2022-0415 was published for gogs.io/gogs (Go) Mar 28, 2022
wuhan005
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated... Critical Unreviewed
CVE-2022-26871 was published Mar 30, 2022
A File Upload vulnerability exists in Sourcecodester Student Attendance Manageent System 1.0 via... Critical Unreviewed
CVE-2021-45865 was published Mar 30, 2022
A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function... High Unreviewed
CVE-2021-43103 was published Mar 30, 2022
A File Upload vulnerability exists in bbs 5.3 is via TopicManageAction.java in a GetType function... High Unreviewed
CVE-2021-43100 was published Mar 30, 2022
A File Upload vulnerability exists in bbs 5.3 is via MembershipCardManageAction.java in a GetType... High Unreviewed
CVE-2021-43101 was published Mar 30, 2022
A File Upload vulnerability exists in bbs v5.3 via QuestionManageAction.java in a getType function. High Unreviewed
CVE-2021-43098 was published Mar 30, 2022
A File Upload vulnerability exists in bbs 5.3 is via HelpManageAction.java in a GetType function,... High Unreviewed
CVE-2021-43102 was published Mar 30, 2022
Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to... High Unreviewed
CVE-2022-28223 was published Mar 31, 2022
Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type... Critical Unreviewed
CVE-2022-24136 was published Apr 1, 2022
Unrestricted Upload of File with Dangerous Type in WPanel 4 High
CVE-2021-34257 was published for wpanel/wpanel4-cms (Composer) Apr 1, 2022
A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows... Critical Unreviewed
CVE-2022-26645 was published Apr 1, 2022
Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload... High Unreviewed
CVE-2022-23155 was published Apr 2, 2022
A getfile function in MDT AutoSave versions prior to v6.02.06 enables a user to supply an... High Unreviewed
CVE-2021-32961 was published Apr 3, 2022
An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed... High Unreviewed
CVE-2020-28062 was published Apr 5, 2022
The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the... High Unreviewed
CVE-2022-0403 was published Apr 5, 2022
The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the... High Unreviewed
CVE-2022-0537 was published Apr 5, 2022
An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0... High Unreviewed
CVE-2022-27435 was published Apr 5, 2022
Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component... High Unreviewed
CVE-2022-28062 was published Apr 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database