GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,940 advisories
In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an... (Critical, Unreviewed) CVE-2017-4990 was published May 17, 2022
Controls limiting uploads to certain file extensions may be bypassed. This could allow an... (High, Unreviewed) CVE-2022-2102 was published Jun 25, 2022
Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the... (Critical, Unreviewed) CVE-2022-32994 was published Jun 28, 2022
A vulnerability was found in SourceCodester Library Management System 1.0. It has been classified... (High, Unreviewed) CVE-2022-2212 was published Jun 28, 2022
File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure... (Critical, Unreviewed) CVE-2021-29281 was published Jul 8, 2022
Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo... (High, Unreviewed) CVE-2022-31854 was published Jul 8, 2022
In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow... (High, Unreviewed) CVE-2015-1784 was published Jul 8, 2022
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could... (Moderate, Unreviewed) CVE-2021-39017 was published Jul 15, 2022
The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution... (Critical, Unreviewed) CVE-2022-41387 was published Oct 12, 2022
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices,... (High, Unreviewed) CVE-2022-28372 was published Jul 15, 2022
An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to... (High, Unreviewed) CVE-2021-36461 was published Jul 16, 2022
The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not... (High, Unreviewed) CVE-2021-40905 was published Mar 27, 2022
Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php... (Critical, Unreviewed) CVE-2017-7695 was published May 17, 2022
Unrestricted File Upload exists in BigTree CMS through 4.2.18: if an attacker uploads an 'xxx.pht... (Critical, Unreviewed) CVE-2017-9364 was published May 17, 2022
A vulnerability was found in URVE Web Manager. It has been rated as critical. This issue affects... (High, Unreviewed) CVE-2022-2420 was published Jul 16, 2022
A vulnerability was found in URVE Web Manager. It has been declared as critical. This... (High, Unreviewed) CVE-2022-2419 was published Jul 16, 2022
Unrestricted Upload of File with Dangerous Type in MCMS (Critical) CVE-2022-31943 was published for net.mingsoft:ms-mcms (Maven) Jul 2, 2022
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The Touch settings allow... (High, Unreviewed) CVE-2022-24688 was published Jul 19, 2022
An arbitrary file upload vulnerability in Dice v4.2.0 allows attackers to execute arbitrary code... (Critical, Unreviewed) CVE-2022-32413 was published Jul 6, 2022
A vulnerability was found in SourceCodester Company Website CMS. It has been classified as... (Critical, Unreviewed) CVE-2022-2736 was published Aug 12, 2022
In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low... (Moderate, Unreviewed) CVE-2017-7989 was published May 17, 2022
RuoYi 4.7.3 vulnerable to arbitrary file upload in background management module (Moderate) CVE-2022-32065 was published for com.ruoyi:ruoyi (Maven) Jul 14, 2022
Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 does not validate the user-provided URL... (Critical, Unreviewed) CVE-2022-28369 was published Jul 15, 2022
IBM Rhapsody DM 4.0, 5.0 and 6.0 contains an undisclosed vulnerability that may allow an... (Moderate, Unreviewed) CVE-2016-8973 was published May 17, 2022
A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical... (Critical, Unreviewed) CVE-2022-2740 was published Aug 12, 2022
ProTip! Advisories are also available from the GraphQL API.