Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

73 advisories

Loading
Edit template, Remote Code Execution (RCE) Vulnerability in Latest Release 4.4.0 High
CVE-2020-15277 was published for baserproject/basercms (Composer) Oct 30, 2020
Aquilao
Unrestricted Upload of File with Dangerous Type in ShowDoc High
CVE-2022-1034 was published for showdoc/showdoc (Composer) Mar 23, 2022
Unrestricted Upload of File with Dangerous Type in WPanel 4 High
CVE-2021-34257 was published for wpanel/wpanel4-cms (Composer) Apr 1, 2022
Arbitrary file upload in ShopXO High
CVE-2021-41938 was published for shopxo/shopxo (Composer) May 20, 2022
Unrestricted Upload of File with Dangerous Type in Elefant CMS High
CVE-2017-20063 was published for elefant/cms (Composer) Jun 21, 2022
Feehi CMS arbitrary code execution via crafted PHP file High
CVE-2022-34971 was published for feehi/cms (Composer) Jul 28, 2022
Akeneo PIM Community Edition vulnerable to remote php code execution High
CVE-2022-46157 was published for akeneo/pim-community-dev (Composer) Dec 9, 2022
elFinder unsafe upload filtering leading to remote code execution High
CVE-2021-23394 was published for studio-42/elfinder (Composer) Jun 15, 2021
assaf-benjosef thomas-chauchefoin-sonarsource
Arbitrary file upload in Fork CMS High
CVE-2021-28931 was published for forkcms/forkcms (Composer) Sep 8, 2021
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type High
CVE-2021-3915 was published for ssddanbrown/bookstack (Composer) Nov 15, 2021
Arbitrary Code Execution in feehi/cms High
CVE-2020-21322 was published for feehi/cms (Composer) Sep 20, 2021
Microweber vulnerable to unrestricted malicious uploads High
CVE-2022-4732 was published for microweber/microweber (Composer) Dec 27, 2022
Thinkphp has a code logic error High
CVE-2022-44289 was published for topthink/framework (Composer) Dec 6, 2022
Backdrop CMS Unrestricted File Upload vulnerability High
CVE-2022-42092 was published for backdrop/backdrop (Composer) Oct 7, 2022
crater is vulnerable to Unrestricted Upload of File with Dangerous Type High
CVE-2021-4080 was published for bytefury/crater (Composer) Jan 21, 2022
Unrestricted Upload of File with Dangerous Type in Crater High
CVE-2022-0242 was published for bytefury/crater (Composer) Jan 21, 2022
Unrestricted Upload of File with Dangerous Type in pimcore High
CVE-2022-0263 was published for pimcore/pimcore (Composer) Jan 21, 2022
Unrestricted Upload of File with Dangerous Type in showdoc High
CVE-2022-0409 was published for showdoc/showdoc (Composer) Feb 20, 2022
File upload restriction bypass in Zenario CMS High
CVE-2022-23043 was published for tribalsystems/zenario (Composer) Feb 25, 2022
DataFlow upload remote code execution vulnerability High
CVE-2021-41231 was published for openmage/magento-lts (Composer) Jan 27, 2023
laravel-admin has Arbitrary File Upload vulnerability High
CVE-2023-24249 was published for encore/laravel-admin (Composer) Feb 27, 2023
cockpit-hq/cockpit is vulnerable to unrestricted file uploads High
CVE-2023-1313 was published for cockpit-hq/cockpit (Composer) Mar 10, 2023
Unrestricted Upload of File with Dangerous Type in MODX Revolution High
CVE-2022-26149 was published for modx/revolution (Composer) Feb 27, 2022
Unrestricted Uploads in Concrete5 High
CVE-2020-11476 was published for concrete5/concrete5 (Composer) Nov 3, 2021
tdunlap607
Uvdesk remote code execution vulnerability High
CVE-2023-0265 was published for uvdesk/community-skeleton (Composer) Apr 5, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database