GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,034 advisories
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP...
High | Unreviewed | CVE-2022-27925 was published Apr 22, 2022

Victor v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the...
High | Unreviewed | CVE-2022-27478 was published Apr 22, 2022

An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code...
High | Unreviewed | CVE-2022-28440 was published Apr 22, 2022

The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of...
High | Unreviewed | CVE-2022-1329 was published Apr 20, 2022

The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file,...
High | Unreviewed | CVE-2022-1008 was published Apr 12, 2022

Musical World v1 was discovered to contain an arbitrary file upload vulnerability via...
High | Unreviewed | CVE-2022-27064 was published Apr 9, 2022

Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via...
High | Unreviewed | CVE-2022-27349 was published Apr 9, 2022

Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via ...
High | Unreviewed | CVE-2022-27346 was published Apr 9, 2022

Simple House Rental System v1 was discovered to contain an arbitrary file upload vulnerability...
High | Unreviewed | CVE-2022-27352 was published Apr 9, 2022

AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the Post...
High | Unreviewed | CVE-2022-27061 was published Apr 9, 2022

RiteCMS version 3.1.0 and below suffers from a remote code execution vulnerability in the admin...
High | Unreviewed | CVE-2021-46367 was published Apr 9, 2022

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write...
High | Unreviewed | CVE-2022-26627 was published Apr 8, 2022

An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver...
High | Unreviewed | CVE-2021-43430 was published Apr 8, 2022

A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow...
High | Unreviewed | CVE-2022-26607 was published Apr 7, 2022

eZiosuite v2.0.7 contains an authenticated arbitrary file upload via the Avatar upload...
High | Unreviewed | CVE-2022-26605 was published Apr 7, 2022

Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the...
High | Unreviewed | CVE-2022-26619 was published Apr 6, 2022

Jellycms v3.8.1 and below was discovered to contain an arbitrary file upload vulnerability via ...
High | Unreviewed | CVE-2022-26630 was published Apr 6, 2022

An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17 allows remote...
High | Unreviewed | CVE-2022-27249 was published Apr 5, 2022

Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component...
High | Unreviewed | CVE-2022-28062 was published Apr 5, 2022

An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0...
High | Unreviewed | CVE-2022-27435 was published Apr 5, 2022

The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the...
High | Unreviewed | CVE-2022-0537 was published Apr 5, 2022

The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the...
High | Unreviewed | CVE-2022-0403 was published Apr 5, 2022

An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed...
High | Unreviewed | CVE-2020-28062 was published Apr 5, 2022

A getfile function in MDT AutoSave versions prior to v6.02.06 enables a user to supply an...
High | Unreviewed | CVE-2021-32961 was published Apr 3, 2022

Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload...
High | Unreviewed | CVE-2022-23155 was published Apr 2, 2022
ProTip! Advisories are also available from the GraphQL API.