GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
912 advisories
An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013....
Critical | Unreviewed | CVE-2018-3832 was published May 13, 2022
Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File...
Critical | Unreviewed | CVE-2022-30448 was published May 12, 2022
CMSimple_XH 1.7.4 is affected by a remote code execution (RCE) vulnerability. To exploit this...
Critical | Unreviewed | CVE-2021-42645 was published May 11, 2022
Beijing Runnier Network Technology Co., Ltd Open virtual simulation experiment teaching...
Critical | Unreviewed | CVE-2022-28120 was published May 6, 2022
An arbitrary file upload vulnerability exists in Wenzhou Huoyin Information Technology Co., Ltd....
Critical | Unreviewed | CVE-2022-28606 was published May 6, 2022
Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework...
Critical | Unreviewed | CVE-2013-20002 was published May 5, 2022
Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image...
Critical | Unreviewed | CVE-2022-28568 was published May 5, 2022
An arbitrary file upload vulnerability in Web@rchiv 1.0 allows attackers to execute arbitrary...
Critical | Unreviewed | CVE-2022-29347 was published May 5, 2022
novel-plus V3.6.1 allows unrestricted file uploads. Unrestricted file suffixes and contents can...
Critical | Unreviewed | CVE-2021-41921 was published Apr 29, 2022
Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate...
Critical | Unreviewed | CVE-2021-43934 was published Apr 29, 2022
Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to...
Critical | Unreviewed | CVE-2022-27468 was published Apr 27, 2022
Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE)...
Critical | Unreviewed | CVE-2022-28021 was published Apr 22, 2022
Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the...
Critical | Unreviewed | CVE-2010-1433 was published Apr 21, 2022
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This...
Critical | Unreviewed | CVE-2022-29464 was published Apr 20, 2022
Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5...
Critical | Unreviewed | CVE-2022-27862 was published Apr 20, 2022
Stored XSS via .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This...
Critical | Unreviewed | CVE-2022-1345 was published Apr 14, 2022
An arbitrary file upload vulnerability in the file upload module of Express-Fileupload v1.3.1...
Critical | Unreviewed | CVE-2022-27140 was published Apr 13, 2022
An arbitrary file upload vulnerability in the file upload module of Skipper v0.9.1 allows...
Critical | Unreviewed | CVE-2022-27262 was published Apr 13, 2022
An arbitrary file upload vulnerability at /zbzedit/php/zbz.php in zbzcms v1.0 allows attackers to...
Critical | Unreviewed | CVE-2022-27131 was published Apr 11, 2022
An arbitrary file upload vulnerability at /admin/ajax.php in zbzcms v1.0 allows attackers to...
Critical | Unreviewed | CVE-2022-27129 was published Apr 11, 2022
Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload via the Upload function at ...
Critical | Unreviewed | CVE-2022-27477 was published Apr 11, 2022
Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via ...
Critical | Unreviewed | CVE-2022-27357 was published Apr 9, 2022
Zoo Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via ...
Critical | Unreviewed | CVE-2022-27351 was published Apr 9, 2022
mogu_blog_cms 5.2 allows arbitrary files to be uploaded without any limitation.
Critical | Unreviewed | CVE-2022-27047 was published Apr 9, 2022
File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *...
Critical | Unreviewed | CVE-2021-28428 was published Apr 6, 2022