GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,036 advisories
Atlassian Hipchat Server before 2.2.4 allows remote authenticated users with user level...
High | Unreviewed | CVE-2017-8080 was published May 13, 2022

The media rename feature in GeniXCMS through 0.0.8 does not consider alternative PHP file...
High | Unreviewed | CVE-2017-5520 was published May 13, 2022

The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR...
High | Unreviewed | CVE-2017-2699 was published May 13, 2022

Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places...
High | Unreviewed | CVE-2017-17593 was published May 13, 2022

An issue was discovered in Tilde CMS 1.0.1. It is possible to bypass the implemented restrictions...
High | Unreviewed | CVE-2017-11326 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
High | Unreviewed | CVE-2017-10940 was published May 13, 2022

Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before...
High | Unreviewed | CVE-2017-11154 was published May 13, 2022

An Unrestricted Upload Of File With Dangerous Type issue was discovered in Advantech WebAccess...
High | Unreviewed | CVE-2017-16736 was published May 13, 2022

hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker...
High | Unreviewed | CVE-2017-2617 was published May 13, 2022

The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in...
High | Unreviewed | CVE-2017-3189 was published May 13, 2022

A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2...
High | Unreviewed | CVE-2018-12468 was published May 13, 2022

IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or...
High | Unreviewed | CVE-2018-1453 was published May 13, 2022

IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to...
High | Unreviewed | CVE-2018-1552 was published May 13, 2022

The Junos Space application, which allows Device Image files to be uploaded, has insufficient...
High | Unreviewed | CVE-2019-0017 was published May 13, 2022

Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo...
High | Unreviewed | CVE-2019-5009 was published May 13, 2022

An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions:...
High | Unreviewed | CVE-2017-13156 was published May 13, 2022

portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true...
High | Unreviewed | CVE-2018-12263 was published May 13, 2022

Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert...
High | Unreviewed | CVE-2018-6860 was published May 13, 2022

Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user...
High | Unreviewed | CVE-2018-18382 was published May 13, 2022

Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the ...
High | Unreviewed | CVE-2017-14123 was published May 13, 2022

In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file...
High | Unreviewed | CVE-2015-9228 was published May 13, 2022

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before...
High | Unreviewed | CVE-2018-12980 was published May 13, 2022

WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an...
High | Unreviewed | CVE-2019-8942 was published May 13, 2022

An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic...
High | Unreviewed | CVE-2017-9650 was published May 13, 2022

Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in...
High | Unreviewed | CVE-2018-1265 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.