GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,273 advisories
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1...
Critical | Unreviewed | CVE-2021-46428 was published Jan 28, 2022

A vulnerability in ${"freemarker.template.utility.Execute"?new() of UJCMS Jspxcms v10.2.0 allows...
Critical | Unreviewed | CVE-2022-23329 was published Feb 10, 2022

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead...
Critical | Unreviewed | CVE-2021-22803 was published Feb 12, 2022

Unrestricted Upload of File with Dangerous Type in Drupal core
Critical | CVE-2020-13675 was published for drupal/core (Composer) Feb 12, 2022

An issue in the getType function of BBS Forum v5.3 and below allows attackers to upload arbitrary...
Critical | Unreviewed | CVE-2022-23390 was published Feb 15, 2022

Forms generated by JQueryForm.com before 2022-02-05 (if file-upload capability is enabled) allow...
Critical | Unreviewed | CVE-2022-24984 was published Feb 17, 2022

File upload leading to RCE in MCMS
Critical | CVE-2021-46036 was published for net.mingsoft:ms-mcms (Maven) Feb 19, 2022

An issue was found in Zfaka <= 1.4.5. The verification of the background file upload function...
Critical | Unreviewed | CVE-2022-24553 was published Feb 22, 2022

A Remote Code Execution (RCE) vulnerability at /admin/options in Maxsite CMS v180 allows...
Critical | Unreviewed | CVE-2022-25411 was published Mar 2, 2022

Home Owners Collection Management System v1.0 was discovered to contain an arbitrary file upload...
Critical | Unreviewed | CVE-2022-25016 was published Mar 3, 2022

sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized...
Critical | Unreviewed | CVE-2022-24652 was published Mar 11, 2022

sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized...
Critical | Unreviewed | CVE-2022-24651 was published Mar 11, 2022

Cross-site Scripting in showdoc/showdoc
Critical | CVE-2022-0960 was published for showdoc/showdoc (Composer) Mar 15, 2022

Unrestricted Upload of File with Dangerous Type in Zenario CMS
Critical | CVE-2021-42171 was published for tribalsystems/zenario (Composer) Mar 15, 2022

The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow...
Critical | Unreviewed | CVE-2021-25003 was published Mar 15, 2022

The component /jquery_file_upload/server/php/index.php of CuppaCMS v1.0 allows attackers to...
Critical | Unreviewed | CVE-2022-25495 was published Mar 16, 2022

Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin...
Critical | Unreviewed | CVE-2022-25487 was published Mar 16, 2022

The Spatie media-library-pro library through 1.17.10 and 2.x through 2.1.6 for Laravel allows...
Critical | Unreviewed | CVE-2021-45040 was published Mar 18, 2022

An attacker can upload or transfer files of dangerous types to the OpenDocMan 1.4.4 portal via...
Critical | Unreviewed | CVE-2021-45834 was published Mar 19, 2022

The Online Admission System 1.0 allows an unauthenticated attacker to upload or transfer files of...
Critical | Unreviewed | CVE-2021-45835 was published Mar 19, 2022

DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability via the component...
Critical | Unreviewed | CVE-2021-39384 was published Mar 22, 2022

An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2...
Critical | Unreviewed | CVE-2022-23880 was published Mar 24, 2022

VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7...
Critical | Unreviewed | CVE-2022-22952 was published Mar 24, 2022

The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads...
Critical | Unreviewed | CVE-2022-0888 was published Mar 24, 2022

GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup...
Critical | Unreviewed | CVE-2021-27428 was published Mar 24, 2022