GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,457 advisories
jpress 4.2.0 is vulnerable to remote code execution via io.jpress.web.admin._TemplateController...
High | Unreviewed | CVE-2021-46116 was published Jan 27, 2022
Mingsoft MCMS vulnerable to Remote Code Execution via file upload.
Critical | CVE-2021-46386 was published for net.mingsoft:ms-mcms (Maven) | Jan 27, 2022
In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, a remote code execution...
High | Unreviewed | CVE-2021-46113 was published Jan 26, 2022
In ForestBlog, as of 2021-12-28, File upload can bypass verification.
Critical | Unreviewed | CVE-2021-46033 was published Jan 26, 2022
On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before...
Moderate | Unreviewed | CVE-2022-23026 was published Jan 26, 2022
Arbitrary File Upload in Mingsoft MCMS
Critical | CVE-2022-22929 was published for net.mingsoft:ms-mcms (Maven) | Jan 22, 2022
Arbitrary file upload in Mingsoft MCMS
Critical | CVE-2022-23315 was published for net.mingsoft:ms-mcms (Maven) | Jan 22, 2022
crater is vulnerable to Unrestricted Upload of File with Dangerous Type
High | CVE-2021-4080 was published for bytefury/crater (Composer) | Jan 21, 2022
Unrestricted Upload of File with Dangerous Type in Crater
High | CVE-2022-0242 was published for bytefury/crater (Composer) | Jan 21, 2022
Unrestricted Upload of File with Dangerous Type in pimcore
High | CVE-2022-0263 was published for pimcore/pimcore (Composer) | Jan 21, 2022
jpress v4.2.0 allows users to register an account by default. With the account, user can upload...
High | Unreviewed | CVE-2021-45808 was published Jan 20, 2022
Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code.
High | Unreviewed | CVE-2021-41550 was published Jan 19, 2022
SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows...
Critical | Unreviewed | CVE-2021-38697 was published Jan 19, 2022
An unrestricted file upload vulnerability exists in Sourcecodester Free school management...
Critical | Unreviewed | CVE-2021-46013 was published Jan 19, 2022
The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by...
High | Unreviewed | CVE-2021-33828 was published Jan 16, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2021-34995 was published Jan 14, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2021-34997 was published Jan 14, 2022
Zoho ManageEngine CloudSecurityPlus before Build 4117 allows remote code execution through the...
High | Unreviewed | CVE-2021-44651 was published Jan 13, 2022
In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database...
Critical | Unreviewed | CVE-2021-45411 was published Jan 13, 2022
An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows...
High | Unreviewed | CVE-2021-43973 was published Jan 12, 2022
Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker...
High | Unreviewed | CVE-2021-46076 was published Jan 7, 2022
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management...
Moderate | Unreviewed | CVE-2021-46078 was published Jan 7, 2022
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management...
High | Unreviewed | CVE-2021-46079 was published Jan 7, 2022
Unrestricted Upload of File with Dangerous Type in unisharp/laravel-filemanager
Moderate | CVE-2021-23814 was published for unisharp/laravel-filemanager (Composer) | Jan 6, 2022
An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles...
Critical | Unreviewed | CVE-2021-44031 was published Dec 23, 2021