GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,778
Erlang: 35
GitHub Actions: 29
Go: 2,332
Maven: 5,000+
npm: 3,966
NuGet: 713
pip: 3,759
Pub: 12
RubyGems: 921
Rust: 975
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,045 advisories
IBM Maximo Asset Management 7.5 and 7.6 could allow a remote attacker to include arbitrary files,...
High, Unreviewed. CVE-2017-1499 was published May 14, 2022

A remote code execution vulnerability exists in Schneider Electric's StruxureOn Gateway versions...
High, Unreviewed. CVE-2017-9970 was published May 14, 2022

In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application...
High, Unreviewed. CVE-2018-7217 was published May 14, 2022

An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell...
High, Unreviewed. CVE-2018-1215 was published May 14, 2022

** DISPUTED ** In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 through 5...
High, Unreviewed. CVE-2018-7567 was published May 14, 2022

Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in...
High, Unreviewed. CVE-2016-1713 was published May 14, 2022

** DISPUTED ** An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1...
High, Unreviewed. CVE-2018-9157 was published May 14, 2022

** DISPUTED ** An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1...
High, Unreviewed. CVE-2018-9156 was published May 14, 2022

Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which...
High, Unreviewed. CVE-2018-9037 was published May 14, 2022

Digital Guardian Management Console 7.1.2.0015 allows authenticated remote code execution because...
High, Unreviewed. CVE-2018-10173 was published May 14, 2022

The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP...
High, Unreviewed. CVE-2018-9153 was published May 14, 2022

** DISPUTED ** Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to...
High, Unreviewed. CVE-2018-10795 was published May 14, 2022

Unrestricted file upload vulnerability in the Files plugin in ProjectPier 0.88 and earlier allows...
High, Unreviewed. CVE-2018-10760 was published May 14, 2022

An issue was discovered in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?...
High, Unreviewed. CVE-2018-11098 was published May 14, 2022

Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows...
High, Unreviewed. CVE-2018-0568 was published May 14, 2022

An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR...
High, Unreviewed. CVE-2018-11322 was published May 14, 2022

PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a...
High, Unreviewed. CVE-2018-11514 was published May 14, 2022

Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 can be used as...
High, Unreviewed. CVE-2018-11196 was published May 14, 2022

An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker...
High, Unreviewed. CVE-2018-12519 was published May 14, 2022

An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can...
High, Unreviewed. CVE-2018-13021 was published May 14, 2022

Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via...
High, Unreviewed. CVE-2018-13024 was published May 14, 2022

Unrestricted Upload of a File with a Dangerous Type in the administrative console in Dialogic...
High, Unreviewed. CVE-2018-11638 was published May 14, 2022

An issue was discovered on Intex N150 devices. The backup/restore option does not check the file...
High, Unreviewed. CVE-2018-12528 was published May 14, 2022

A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and earlier, could...
High, Unreviewed. CVE-2017-16251 was published May 14, 2022

Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php...
High, Unreviewed. CVE-2018-1000619 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.