GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,054 advisories
SAP Disclosure Management 10.1 allows an attacker to upload any file without proper file format...
Critical | Unreviewed | CVE-2018-2404 was published May 13, 2022

SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to upload...
Critical | Unreviewed | CVE-2018-2420 was published May 13, 2022

A vulnerability has been identified in Desigo Automation Controllers Products and Desigo Operator...
Critical | Unreviewed | CVE-2018-4834 was published May 13, 2022

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior,...
Critical | Unreviewed | CVE-2018-7505 was published May 13, 2022

Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via unauthenticated RPC call. An...
Critical | Unreviewed | CVE-2019-3940 was published May 13, 2022

An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the...
Critical | Unreviewed | CVE-2018-11091 was published May 13, 2022

Vulnerability in wordpress plugin flickr-picture-backup v0.7, The code in flickr-picture-download...
Critical | Unreviewed | CVE-2017-1002016 was published May 13, 2022

Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file...
Critical | Unreviewed | CVE-2017-1002008 was published May 13, 2022

Php Inventory & Invoice Management System allows Arbitrary File Upload via dashboard...
Critical | Unreviewed | CVE-2017-15990 was published May 13, 2022

modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop ...
Critical | Unreviewed | CVE-2018-19355 was published May 13, 2022

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14...
Critical | Unreviewed | CVE-2018-15961 was published May 13, 2022

Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar)...
Critical | Unreviewed | CVE-2017-1000081 was published May 13, 2022

Zoho ManageEngine OpManager before 12.3 build 123214 allows Unrestricted Arbitrary File Upload.
Critical | Unreviewed | CVE-2018-18475 was published May 13, 2022

An issue was discovered in Appnitro MachForm before 4.2.3. When the form is set to filter a...
Critical | Unreviewed | CVE-2018-6411 was published May 13, 2022

The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated...
Critical | Unreviewed | CVE-2018-12426 was published May 13, 2022

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in...
Critical | Unreviewed | CVE-2018-13038 was published May 13, 2022

Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload...
Critical | Unreviewed | CVE-2019-6139 was published May 13, 2022

An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013....
Critical | Unreviewed | CVE-2018-3832 was published May 13, 2022

Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File...
Critical | Unreviewed | CVE-2022-30448 was published May 12, 2022

CMSimple_XH 1.7.4 is affected by a remote code execution (RCE) vulnerability. To exploit this...
Critical | Unreviewed | CVE-2021-42645 was published May 11, 2022

Beijing Runnier Network Technology Co., Ltd Open virtual simulation experiment teaching...
Critical | Unreviewed | CVE-2022-28120 was published May 6, 2022

An arbitrary file upload vulnerability exists in Wenzhou Huoyin Information Technology Co., Ltd....
Critical | Unreviewed | CVE-2022-28606 was published May 6, 2022

Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework...
Critical | Unreviewed | CVE-2013-20002 was published May 5, 2022

Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image...
Critical | Unreviewed | CVE-2022-28568 was published May 5, 2022

An arbitrary file upload vulnerability in Web@rchiv 1.0 allows attackers to execute arbitrary...
Critical | Unreviewed | CVE-2022-29347 was published May 5, 2022
ProTip! Advisories are also available from the GraphQL API.