Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,287 advisories

Loading
A Remote Code Execution (RCE) vulnerability exists in emlog 5.3.1 via content/plugins. Critical Unreviewed
CVE-2021-40883 was published Dec 15, 2021
OpenCATS through 0.9.6 allows remote attackers to execute arbitrary code by uploading an... Critical Unreviewed
CVE-2021-41560 was published Dec 16, 2021
An issue was discovered in the firmware update form in Socomec REMOTE VIEW PRO 2.0.41.4. An... High Unreviewed
CVE-2021-41870 was published Dec 16, 2021
Code injection in plupload Moderate
CVE-2021-23562 was published for plupload (npm) Dec 16, 2021
The "Log alert to a file" action within action management enables any Orion Platform user with... High Unreviewed
CVE-2021-35244 was published Dec 21, 2021
4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker... Critical Unreviewed
CVE-2021-44159 was published Dec 21, 2021
Chain Sea ai chatbot system’s file upload function has insufficient filtering for special... Critical Unreviewed
CVE-2021-44164 was published Dec 21, 2021
An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles... Critical Unreviewed
CVE-2021-44031 was published Dec 23, 2021
Unrestricted Upload of File with Dangerous Type in unisharp/laravel-filemanager Moderate
CVE-2021-23814 was published for unisharp/laravel-filemanager (Composer) Jan 6, 2022
streamtw
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management... High Unreviewed
CVE-2021-46079 was published Jan 7, 2022
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management... Moderate Unreviewed
CVE-2021-46078 was published Jan 7, 2022
Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker... High Unreviewed
CVE-2021-46076 was published Jan 7, 2022
An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows... High Unreviewed
CVE-2021-43973 was published Jan 12, 2022
In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database... Critical Unreviewed
CVE-2021-45411 was published Jan 13, 2022
Zoho ManageEngine CloudSecurityPlus before Build 4117 allows remote code execution through the... High Unreviewed
CVE-2021-44651 was published Jan 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-34997 was published Jan 14, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-34995 was published Jan 14, 2022
The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by... High Unreviewed
CVE-2021-33828 was published Jan 16, 2022
An unrestricted file upload vulnerability exists in Sourcecodester Free school management... Critical Unreviewed
CVE-2021-46013 was published Jan 19, 2022
Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code. High Unreviewed
CVE-2021-41550 was published Jan 19, 2022
SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows... Critical Unreviewed
CVE-2021-38697 was published Jan 19, 2022
jpress v4.2.0 allows users to register an account by default. With the account, user can upload... High Unreviewed
CVE-2021-45808 was published Jan 20, 2022
Unrestricted Upload of File with Dangerous Type in pimcore High
CVE-2022-0263 was published for pimcore/pimcore (Composer) Jan 21, 2022
Unrestricted Upload of File with Dangerous Type in Crater High
CVE-2022-0242 was published for bytefury/crater (Composer) Jan 21, 2022
crater is vulnerable to Unrestricted Upload of File with Dangerous Type High
CVE-2021-4080 was published for bytefury/crater (Composer) Jan 21, 2022
ProTip! Advisories are also available from the GraphQL API