GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,141
Composer 4,083
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,107
npm 3,643
NuGet 638
pip 3,260
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 229,048

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

773 advisories

Filter by severity

Sort by

Least recently updated

Vulnerability in wordpress plugin flickr-picture-backup v0.7, The code in flickr-picture-download... Critical Unreviewed

CVE-2017-1002016 was published May 13, 2022

Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file... Critical Unreviewed

CVE-2017-1002008 was published May 13, 2022

Php Inventory & Invoice Management System allows Arbitrary File Upload via dashboard... Critical Unreviewed

CVE-2017-15990 was published May 13, 2022

modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop ... Critical Unreviewed

CVE-2018-19355 was published May 13, 2022

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14... Critical Unreviewed

CVE-2018-15961 was published May 13, 2022

Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar)... Critical Unreviewed

CVE-2017-1000081 was published May 13, 2022

Zoho ManageEngine OpManager before 12.3 build 123214 allows Unrestricted Arbitrary File Upload. Critical Unreviewed

CVE-2018-18475 was published May 13, 2022

An issue was discovered in Appnitro MachForm before 4.2.3. When the form is set to filter a... Critical Unreviewed

CVE-2018-6411 was published May 13, 2022

The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated... Critical Unreviewed

CVE-2018-12426 was published May 13, 2022

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in... Critical Unreviewed

CVE-2018-13038 was published May 13, 2022

Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload... Critical Unreviewed

CVE-2019-6139 was published May 13, 2022

An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013.... Critical Unreviewed

CVE-2018-3832 was published May 13, 2022

Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File... Critical Unreviewed

CVE-2022-30448 was published May 12, 2022

CMSimple_XH 1.7.4 is affected by a remote code execution (RCE) vulnerability. To exploit this... Critical Unreviewed

CVE-2021-42645 was published May 11, 2022

Beijing Runnier Network Technology Co., Ltd Open virtual simulation experiment teaching... Critical Unreviewed

CVE-2022-28120 was published May 6, 2022

An arbitrary file upload vulnerability exists in Wenzhou Huoyin Information Technology Co., Ltd.... Critical Unreviewed

CVE-2022-28606 was published May 6, 2022

Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework... Critical Unreviewed

CVE-2013-20002 was published May 5, 2022

Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image... Critical Unreviewed

CVE-2022-28568 was published May 5, 2022

An arbitrary file upload vulnerability in Web@rchiv 1.0 allows attackers to execute arbitrary... Critical Unreviewed

CVE-2022-29347 was published May 5, 2022

novel-plus V3.6.1 allows unrestricted file uploads. Unrestricted file suffixes and contents can... Critical Unreviewed

CVE-2021-41921 was published Apr 29, 2022

Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate... Critical Unreviewed

CVE-2021-43934 was published Apr 29, 2022

Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to... Critical Unreviewed

CVE-2022-27468 was published Apr 27, 2022

Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE)... Critical Unreviewed

CVE-2022-28021 was published Apr 22, 2022

Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the... Critical Unreviewed

CVE-2010-1433 was published Apr 21, 2022

Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This... Critical Unreviewed

CVE-2022-29464 was published Apr 20, 2022

Previous 1 2 … 27 28 29 30 31 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

773 advisories