GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,040 advisories
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X...
High | Unreviewed | CVE-2023-39548 was published Nov 17, 2023

In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been...
High | Unreviewed | CVE-2023-42659 was published Nov 14, 2023

RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote...
High | Unreviewed | CVE-2023-33480 was published Nov 14, 2023

Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation...
High | Unreviewed | CVE-2023-41725 was published Nov 3, 2023

Galaxy Software Services Corporation Vitals ESP is an online knowledge base management portal, it...
High | Unreviewed | CVE-2023-41357 was published Nov 3, 2023

The Icons Font Loader plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2023-5860 was published Nov 2, 2023

An arbitrary file upload vulnerability in HadSky v7.12.10 allows attackers to execute arbitrary...
High | Unreviewed | CVE-2023-46428 was published Nov 1, 2023

Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24...
High | Unreviewed | CVE-2023-1713 was published Nov 1, 2023

An issue was discovered in SugarCRM 12 before 12.0.4 and 13 before 13.0.2. An Unrestricted File...
High | Unreviewed | CVE-2023-46815 was published Oct 27, 2023

File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code...
High | Unreviewed | CVE-2023-45555 was published Oct 25, 2023

Arbitrary file upload to web root in the IDAttend’s IDWeb application 3.1.013 allows...
High | Unreviewed | CVE-2023-26578 was published Oct 25, 2023

Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service...
High | Unreviewed | CVE-2023-5524 was published Oct 20, 2023

HCL Compass is vulnerable to lack of file upload security. An attacker could upload files...
High | Unreviewed | CVE-2023-37502 was published Oct 19, 2023

Sourcecodester Best Courier Management System 1.0 is vulnerable to Arbitrary file upload in the...
High | Unreviewed | CVE-2023-46004 was published Oct 18, 2023

eSST Monitoring v2.147.1 was discovered to contain a remote code execution (RCE) vulnerability...
High | Unreviewed | CVE-2023-41631 was published Oct 18, 2023

An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via...
High | Unreviewed | CVE-2023-44824 was published Oct 17, 2023

Unrestricted upload of file with dangerous type vulnerability in create template function in...
High | Unreviewed | CVE-2023-34207 was published Oct 17, 2023

IBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to...
High | Unreviewed | CVE-2022-22375 was published Oct 17, 2023

IBM Security Verify Governance 10.0 could allow a privileged user to upload arbitrary files due to...
High | Unreviewed | CVE-2023-35018 was published Oct 16, 2023

Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an...
High | Unreviewed | CVE-2023-45353 was published Oct 9, 2023

File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker...
High | Unreviewed | CVE-2023-44061 was published Oct 7, 2023

File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated...
High | Unreviewed | CVE-2023-43321 was published Oct 5, 2023

An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to...
High | Unreviewed | CVE-2023-43838 was published Oct 4, 2023

This vulnerability allows an authenticated attacker to upload malicious files by bypassing the...
High | Unreviewed | CVE-2023-4817 was published Oct 3, 2023

The file upload functionality is not implemented correctly and allows uploading of any type of...
High | Unreviewed | CVE-2023-4097 was published Oct 3, 2023