GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
73 advisories
Filter by severity
Edit template, Remote Code Execution (RCE) Vulnerability in Latest Release 4.4.0
High
CVE-2020-15277
was published
for
baserproject/basercms
(Composer)
Oct 30, 2020
Unrestricted Upload of File with Dangerous Type in ShowDoc
High
CVE-2022-1034
was published
for
showdoc/showdoc
(Composer)
Mar 23, 2022
Unrestricted Upload of File with Dangerous Type in WPanel 4
High
CVE-2021-34257
was published
for
wpanel/wpanel4-cms
(Composer)
Apr 1, 2022
Arbitrary file upload in ShopXO
High
CVE-2021-41938
was published
for
shopxo/shopxo
(Composer)
May 20, 2022
Unrestricted Upload of File with Dangerous Type in Elefant CMS
High
CVE-2017-20063
was published
for
elefant/cms
(Composer)
Jun 21, 2022
Feehi CMS arbitrary code execution via crafted PHP file
High
CVE-2022-34971
was published
for
feehi/cms
(Composer)
Jul 28, 2022
Akeneo PIM Community Edition vulnerable to remote php code execution
High
CVE-2022-46157
was published
for
akeneo/pim-community-dev
(Composer)
Dec 9, 2022
elFinder unsafe upload filtering leading to remote code execution
High
CVE-2021-23394
was published
for
studio-42/elfinder
(Composer)
Jun 15, 2021
Arbitrary file upload in Fork CMS
High
CVE-2021-28931
was published
for
forkcms/forkcms
(Composer)
Sep 8, 2021
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
High
CVE-2021-3915
was published
for
ssddanbrown/bookstack
(Composer)
Nov 15, 2021
Arbitrary Code Execution in feehi/cms
High
CVE-2020-21322
was published
for
feehi/cms
(Composer)
Sep 20, 2021
Microweber vulnerable to unrestricted malicious uploads
High
CVE-2022-4732
was published
for
microweber/microweber
(Composer)
Dec 27, 2022
Thinkphp has a code logic error
High
CVE-2022-44289
was published
for
topthink/framework
(Composer)
Dec 6, 2022
Backdrop CMS Unrestricted File Upload vulnerability
High
CVE-2022-42092
was published
for
backdrop/backdrop
(Composer)
Oct 7, 2022
crater is vulnerable to Unrestricted Upload of File with Dangerous Type
High
CVE-2021-4080
was published
for
bytefury/crater
(Composer)
Jan 21, 2022
Unrestricted Upload of File with Dangerous Type in Crater
High
CVE-2022-0242
was published
for
bytefury/crater
(Composer)
Jan 21, 2022
Unrestricted Upload of File with Dangerous Type in pimcore
High
CVE-2022-0263
was published
for
pimcore/pimcore
(Composer)
Jan 21, 2022
Unrestricted Upload of File with Dangerous Type in showdoc
High
CVE-2022-0409
was published
for
showdoc/showdoc
(Composer)
Feb 20, 2022
File upload restriction bypass in Zenario CMS
High
CVE-2022-23043
was published
for
tribalsystems/zenario
(Composer)
Feb 25, 2022
DataFlow upload remote code execution vulnerability
High
CVE-2021-41231
was published
for
openmage/magento-lts
(Composer)
Jan 27, 2023
laravel-admin has Arbitrary File Upload vulnerability
High
CVE-2023-24249
was published
for
encore/laravel-admin
(Composer)
Feb 27, 2023
cockpit-hq/cockpit is vulnerable to unrestricted file uploads
High
CVE-2023-1313
was published
for
cockpit-hq/cockpit
(Composer)
Mar 10, 2023
Unrestricted Upload of File with Dangerous Type in MODX Revolution
High
CVE-2022-26149
was published
for
modx/revolution
(Composer)
Feb 27, 2022
Unrestricted Uploads in Concrete5
High
CVE-2020-11476
was published
for
concrete5/concrete5
(Composer)
Nov 3, 2021
Uvdesk remote code execution vulnerability
High
CVE-2023-0265
was published
for
uvdesk/community-skeleton
(Composer)
Apr 5, 2023
ProTip!
Advisories are also available from the
GraphQL API