GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,503 advisories
Filter by severity
A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows...
Critical
Unreviewed
CVE-2022-26645
was published
Apr 1, 2022
The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the...
High
Unreviewed
CVE-2022-0403
was published
Apr 5, 2022
A getfile function in MDT AutoSave versions prior to v6.02.06 enables a user to supply an...
High
Unreviewed
CVE-2021-32961
was published
Apr 3, 2022
Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component...
High
Unreviewed
CVE-2022-28062
was published
Apr 5, 2022
File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *...
Critical
Unreviewed
CVE-2021-28428
was published
Apr 6, 2022
An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed...
High
Unreviewed
CVE-2020-28062
was published
Apr 5, 2022
Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type...
Critical
Unreviewed
CVE-2022-24136
was published
Apr 1, 2022
Unrestricted Upload of File with Dangerous Type in WPanel 4
High
CVE-2021-34257
was published
for
wpanel/wpanel4-cms
(Composer)
Apr 1, 2022
Jellycms v3.8.1 and below was discovered to contain an arbitrary file upload vulnerability via ...
High
Unreviewed
CVE-2022-26630
was published
Apr 6, 2022
An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0...
High
Unreviewed
CVE-2022-27435
was published
Apr 5, 2022
eZiosuite v2.0.7 contains an authenticated arbitrary file upload via the Avatar upload...
High
Unreviewed
CVE-2022-26605
was published
Apr 7, 2022
An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver...
High
Unreviewed
CVE-2021-43430
was published
Apr 8, 2022
Simple House Rental System v1 was discovered to contain an arbitrary file upload vulnerability...
High
Unreviewed
CVE-2022-27352
was published
Apr 9, 2022
RiteCMS version 3.1.0 and below suffers from a remote code execution vulnerability in the admin...
High
Unreviewed
CVE-2021-46367
was published
Apr 9, 2022
Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the...
High
Unreviewed
CVE-2022-26619
was published
Apr 6, 2022
Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via ...
High
Unreviewed
CVE-2022-27346
was published
Apr 9, 2022
Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via...
High
Unreviewed
CVE-2022-27349
was published
Apr 9, 2022
A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow...
High
Unreviewed
CVE-2022-26607
was published
Apr 7, 2022
An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17 allows remote...
High
Unreviewed
CVE-2022-27249
was published
Apr 5, 2022
The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the...
High
Unreviewed
CVE-2022-0537
was published
Apr 5, 2022
An arbitrary file upload vulnerability at /zbzedit/php/zbz.php in zbzcms v1.0 allows attackers to...
Critical
Unreviewed
CVE-2022-27131
was published
Apr 11, 2022
Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload via the Upload function at ...
Critical
Unreviewed
CVE-2022-27477
was published
Apr 11, 2022
Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via ...
Critical
Unreviewed
CVE-2022-27357
was published
Apr 9, 2022
mogu_blog_cms 5.2 suffers from upload arbitrary files without any limitation.
Critical
Unreviewed
CVE-2022-27047
was published
Apr 9, 2022
An arbitrary file upload vulnerability at /admin/ajax.php in zbzcms v1.0 allows attackers to...
Critical
Unreviewed
CVE-2022-27129
was published
Apr 11, 2022
ProTip!
Advisories are also available from the
GraphQL API