GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,825
Erlang: 36
GitHub Actions: 32
Go: 2,417
Maven: 5,000+
npm: 4,054
NuGet: 723
pip: 3,845
Pub: 12
RubyGems: 933
Rust: 1,005
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+

1,200 advisories

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before...
High | Unreviewed | CVE-2018-12980 was published May 13, 2022

Subrion CMS RCE Vulnerability
High | CVE-2018-19422 was published for intelliants/subrion (Composer) May 13, 2022

WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an...
High | Unreviewed | CVE-2019-8942 was published May 13, 2022

An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic...
High | Unreviewed | CVE-2017-9650 was published May 13, 2022

Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in...
High | Unreviewed | CVE-2018-1265 was published May 13, 2022

In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to...
High | Unreviewed | CVE-2017-12678 was published May 13, 2022

** DISPUTED ** An issue was discovered in Reprise License Manager (RLM) through 12.2BL2....
High | Unreviewed | CVE-2018-15573 was published May 13, 2022

OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can...
High | Unreviewed | CVE-2017-9380 was published May 13, 2022

Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5...
High | Unreviewed | CVE-2018-15139 was published May 13, 2022

Codiad 2.8.4 allows remote authenticated administrators to execute arbitrary code by uploading an...
High | Unreviewed | CVE-2018-19423 was published May 13, 2022

phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading...
High | Unreviewed | CVE-2019-9581 was published May 13, 2022

A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks...
High | Unreviewed | CVE-2022-21809 was published May 13, 2022

User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing...
High | Unreviewed | CVE-2021-27771 was published May 13, 2022

An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1...
High | Unreviewed | CVE-2022-29318 was published May 12, 2022

An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System...
High | Unreviewed | CVE-2022-29655 was published May 12, 2022

An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers...
High | Unreviewed | CVE-2020-19228 was published May 12, 2022

On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
High | Unreviewed | CVE-2022-28695 was published May 6, 2022

A vulnerability in the web management interface of Cisco Firepower Management Center (FMC)...
High | Unreviewed | CVE-2022-20743 was published May 4, 2022

In SpringBootMovie <=1.2, the uploaded file suffix parameter is not filtered, resulting in...
High | Unreviewed | CVE-2022-29001 was published May 4, 2022

The Import WP WordPress plugin before 2.4.6 does not validate the imported file in some cases,...
High | Unreviewed | CVE-2022-1273 was published May 3, 2022

DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows...
High | Unreviewed | CVE-2006-4558 was published May 1, 2022

upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for...
High | Unreviewed | CVE-2005-1881 was published May 1, 2022

I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code...
High | Unreviewed | CVE-2005-1868 was published May 1, 2022

Hypermail allows remote attackers to execute arbitrary commands on a server supporting SSI via an...
High | Unreviewed | CVE-2001-0901 was published Apr 30, 2022

An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and...
High | Unreviewed | CVE-2001-0340 was published Apr 30, 2022

ProTip! Advisories are also available from the GraphQL API