GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,029 advisories
Filter by severity
Infinite loop in .Net Bond
High
CVE-2020-1469
was published
for
Bond.Core.CSharp
(NuGet)
Apr 8, 2022
An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver...
High
Unreviewed
CVE-2021-43430
was published
Apr 8, 2022
Online Project Time Management System v1.0 was discovered to contain an arbitrary file write...
High
Unreviewed
CVE-2022-26627
was published
Apr 8, 2022
A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow...
High
Unreviewed
CVE-2022-26607
was published
Apr 7, 2022
eZiosuite v2.0.7 contains an authenticated arbitrary file upload via the Avatar upload...
High
Unreviewed
CVE-2022-26605
was published
Apr 7, 2022
Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the...
High
Unreviewed
CVE-2022-26619
was published
Apr 6, 2022
Jellycms v3.8.1 and below was discovered to contain an arbitrary file upload vulnerability via ...
High
Unreviewed
CVE-2022-26630
was published
Apr 6, 2022
Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component...
High
Unreviewed
CVE-2022-28062
was published
Apr 5, 2022
An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17 allows remote...
High
Unreviewed
CVE-2022-27249
was published
Apr 5, 2022
An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0...
High
Unreviewed
CVE-2022-27435
was published
Apr 5, 2022
The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the...
High
Unreviewed
CVE-2022-0403
was published
Apr 5, 2022
The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the...
High
Unreviewed
CVE-2022-0537
was published
Apr 5, 2022
An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed...
High
Unreviewed
CVE-2020-28062
was published
Apr 5, 2022
A getfile function in MDT AutoSave versions prior to v6.02.06 enables a user to supply an...
High
Unreviewed
CVE-2021-32961
was published
Apr 3, 2022
Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload...
High
Unreviewed
CVE-2022-23155
was published
Apr 2, 2022
Unrestricted Upload of File with Dangerous Type in WPanel 4
High
CVE-2021-34257
was published
for
wpanel/wpanel4-cms
(Composer)
Apr 1, 2022
Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to...
High
Unreviewed
CVE-2022-28223
was published
Mar 31, 2022
A File Upload vulnerability exists in bbs 5.3 is via MembershipCardManageAction.java in a GetType...
High
Unreviewed
CVE-2021-43101
was published
Mar 30, 2022
A File Upload vulnerability exists in bbs 5.3 is via HelpManageAction.java in a GetType function,...
High
Unreviewed
CVE-2021-43102
was published
Mar 30, 2022
A File Upload vulnerability exists in bbs 5.3 is via TopicManageAction.java in a GetType function...
High
Unreviewed
CVE-2021-43100
was published
Mar 30, 2022
A File Upload vulnerability exists in bbs v5.3 via QuestionManageAction.java in a getType function.
High
Unreviewed
CVE-2021-43098
was published
Mar 30, 2022
A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function...
High
Unreviewed
CVE-2021-43103
was published
Mar 30, 2022
Unrestricted Upload of File with Dangerous Type in Gogs
High
CVE-2022-0415
was published
for
gogs.io/gogs
(Go)
Mar 28, 2022
The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not...
High
Unreviewed
CVE-2021-40905
was published
Mar 27, 2022
Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior...
High
Unreviewed
CVE-2022-1033
was published
Mar 24, 2022
ProTip!
Advisories are also available from the
GraphQL API