Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,643
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

72 advisories

Loading
Unrestricted file uploads in Contao High
CVE-2019-19745 was published for contao/contao (Composer) Dec 17, 2019
Edit template, Remote Code Execution (RCE) Vulnerability in Latest Release 4.4.0 High
CVE-2020-15277 was published for baserproject/basercms (Composer) Oct 30, 2020
Aquilao
Unrestricted File Upload in Form Framework High
CVE-2021-21355 was published for typo3/cms (Composer) Mar 23, 2021
smichaelsen ohader
marclindemann vertexvaar sushiwushi waldhacker1
Broken Access Control in Form Framework High
CVE-2021-21357 was published for typo3/cms (Composer) Mar 23, 2021
sushiwushi waldhacker1
elFinder unsafe upload filtering leading to remote code execution High
CVE-2021-23394 was published for studio-42/elfinder (Composer) Jun 15, 2021
assaf-benjosef thomas-chauchefoin-sonarsource
Remote Code Execution vulnerability in PHPMailer 6.4.1 running on Windows High
CVE-2021-34551 was published for phpmailer/phpmailer (Composer) Jun 22, 2021
Arbitrary file upload in Fork CMS High
CVE-2021-28931 was published for forkcms/forkcms (Composer) Sep 8, 2021
Arbitrary Code Execution in feehi/cms High
CVE-2020-21322 was published for feehi/cms (Composer) Sep 20, 2021
Drupal core Unrestricted Upload of File with Dangerous Type High
CVE-2020-13671 was published for drupal/core (Composer) Oct 12, 2021
Unrestricted Uploads in Concrete5 High
CVE-2020-11476 was published for concrete5/concrete5 (Composer) Nov 3, 2021
tdunlap607
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type High
CVE-2021-3915 was published for ssddanbrown/bookstack (Composer) Nov 15, 2021
Unrestricted Upload of File with Dangerous Type in pimcore High
CVE-2022-0263 was published for pimcore/pimcore (Composer) Jan 21, 2022
Unrestricted Upload of File with Dangerous Type in Crater High
CVE-2022-0242 was published for bytefury/crater (Composer) Jan 21, 2022
crater is vulnerable to Unrestricted Upload of File with Dangerous Type High
CVE-2021-4080 was published for bytefury/crater (Composer) Jan 21, 2022
Unrestricted Upload of File with Dangerous Type in showdoc High
CVE-2022-0409 was published for showdoc/showdoc (Composer) Feb 20, 2022
File upload restriction bypass in Zenario CMS High
CVE-2022-23043 was published for tribalsystems/zenario (Composer) Feb 25, 2022
Unrestricted Upload of File with Dangerous Type in MODX Revolution High
CVE-2022-26149 was published for modx/revolution (Composer) Feb 27, 2022
Unrestricted Upload of File with Dangerous Type in Croogo High
CVE-2021-44673 was published for croogo/croogo (Composer) Mar 11, 2022
Unrestricted Upload of File with Dangerous Type in ShowDoc High
CVE-2022-1034 was published for showdoc/showdoc (Composer) Mar 23, 2022
Unrestricted Upload of File with Dangerous Type in WPanel 4 High
CVE-2021-34257 was published for wpanel/wpanel4-cms (Composer) Apr 1, 2022
TYPO3 Arbitrary Code Execution vulnerability on the backend High
CVE-2010-3663 was published for typo3/cms-backend (Composer) Apr 21, 2022
Subrion CMS RCE Vulnerability High
CVE-2018-19422 was published for intelliants/subrion (Composer) May 13, 2022
Bolt Unrestricted Upload of File with Dangerous Type High
CVE-2019-9185 was published for bolt/bolt (Composer) May 13, 2022
RCE in baserCMS before 4.1.4 High
CVE-2018-18942 was published for baserproject/basercms (Composer) May 13, 2022
Craft CMS PHP Code Injection Vulnerability High
CVE-2018-3814 was published for craftcms/cms (Composer) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database