GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
139 advisories
Filter by severity
FeehiCMS Unrestricted Upload vulnerability
Moderate
CVE-2021-36573
was published
for
feehi/feehicms
(Composer)
Dec 15, 2022
Akeneo PIM Community Edition vulnerable to remote php code execution
High
CVE-2022-46157
was published
for
akeneo/pim-community-dev
(Composer)
Dec 9, 2022
Thinkphp has a code logic error
High
CVE-2022-44289
was published
for
topthink/framework
(Composer)
Dec 6, 2022
Badaso vulnerable to Remote Code Execution (RCE)
Critical
CVE-2022-41705
was published
for
badaso/core
(Composer)
Nov 25, 2022
easyii CMS's File Upload Management vulnerable to unrestricted upload
Critical
CVE-2022-3771
was published
for
noumo/easyii
(Composer)
Oct 31, 2022
Badaso vulnerable to Remote Code Execution via malicious file upload
Critical
CVE-2022-41711
was published
for
badaso/core
(Composer)
Oct 26, 2022
Backdrop CMS Unrestricted File Upload vulnerability
High
CVE-2022-42092
was published
for
backdrop/backdrop
(Composer)
Oct 7, 2022
Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type
Critical
CVE-2022-38916
was published
for
pagekit/pagekit
(Composer)
Sep 21, 2022
FeehiCMS has an arbitrary file upload vulnerability
Critical
CVE-2020-21516
was published
for
feehi/cms
(Composer)
Sep 7, 2022
Drupal core arbitrary PHP code execution
High
CVE-2022-25277
was published
for
drupal/core
(Composer)
Aug 6, 2022
Feehi CMS arbitrary code execution via crafted PHP file
High
CVE-2022-34971
was published
for
feehi/cms
(Composer)
Jul 28, 2022
Unrestricted Upload of File with Dangerous Type in Elefant CMS
High
CVE-2017-20063
was published
for
elefant/cms
(Composer)
Jun 21, 2022
Unrestricted File Upload vulnerability in Firefly III
High
CVE-2021-3846
was published
for
grumpydictator/firefly-iii
(Composer)
May 24, 2022
ShopXO RCE Vulnerability
Critical
CVE-2021-27817
was published
for
shopxo/shopxo
(Composer)
May 24, 2022
Magento vulnerable to a file upload restriction bypass
Critical
CVE-2021-21014
was published
for
magento/community-edition
(Composer)
May 24, 2022
Feehi CMS arbitrary file upload vulnerability
High
CVE-2020-22643
was published
for
feehi/cms
(Composer)
May 24, 2022
Magento 2 Community Edition RCE via Unsafe File Upload
Critical
CVE-2020-24407
was published
for
magento/community-edition
(Composer)
May 24, 2022
Dolibarr Unrestricted Upload of File with Dangerous Type
High
CVE-2020-14209
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
Silverstripe CMS malicious file upload enables script execution
High
CVE-2020-9309
was published
for
silverstripe/cms
(Composer)
May 24, 2022
Microweber allows Unrestricted File Upload
High
CVE-2020-13241
was published
for
microweber/microweber
(Composer)
May 24, 2022
SilverStripe Folders migrated from 3.x may be unsafe to upload to
High
CVE-2020-9280
was published
for
silverstripe/assets
(Composer)
May 24, 2022
FrozenNode Laravel-Administrator unrestricted file upload
High
CVE-2020-10963
was published
for
frozennode/administrator
(Composer)
May 24, 2022
Magento Unrestricted file upload vulnerability
Moderate
CVE-2019-8140
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento Information Disclosure via File upload functionality
High
CVE-2019-8093
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability
High
CVE-2019-8114
was published
for
magento/community-edition
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API