GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
743 advisories
Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for...
Moderate | Unreviewed | CVE-2018-0587 was published May 13, 2022

In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via...
Moderate | Unreviewed | CVE-2017-11405 was published May 13, 2022

In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via...
Moderate | Unreviewed | CVE-2017-11404 was published May 13, 2022

IBM Maximo Asset Management 7.6 Work Centers' application does not validate file type upon upload...
Moderate | Unreviewed | CVE-2019-4056 was published May 24, 2022

class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does not ensure that a...
Moderate | Unreviewed | CVE-2019-9692 was published May 14, 2022

An arbitrary file upload vulnerability in the component /dede/file_manage_control.php of Dedecms...
Moderate | Unreviewed | CVE-2022-43192 was published Nov 18, 2022

An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number...
Moderate | Unreviewed | CVE-2018-18565 was published May 14, 2022

LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5,...
Moderate | Unreviewed | CVE-2018-16097 was published May 14, 2022

In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system...
Moderate | Unreviewed | CVE-2018-16093 was published May 14, 2022

In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML...
Moderate | Unreviewed | CVE-2018-19421 was published May 14, 2022

In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative...
Moderate | Unreviewed | CVE-2018-19420 was published May 14, 2022

SeaCMS 6.64 allows arbitrary directory listing via upload/admin/admin_template.php?path=.....
Moderate | Unreviewed | CVE-2018-16821 was published May 14, 2022

In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an...
Moderate | Unreviewed | CVE-2018-16397 was published May 14, 2022

Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager...
Moderate | Unreviewed | CVE-2018-16373 was published May 14, 2022

An unauthorized user could alter or write files with full control over the path and content of...
Moderate | Unreviewed | CVE-2022-46660 was published Jan 18, 2023

In CMS Made Simple (CMSMS) through 2.2.7, the "file move" operation in the admin dashboard...
Moderate | Unreviewed | CVE-2018-10521 was published May 14, 2022

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated,...
Moderate | Unreviewed | CVE-2017-12332 was published May 17, 2022

IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user to upload...
Moderate | Unreviewed | CVE-2016-0354 was published May 17, 2022

An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management...
Moderate | Unreviewed | CVE-2021-46078 was published Jan 7, 2022

On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before...
Moderate | Unreviewed | CVE-2022-23026 was published Jan 26, 2022

Unrestricted Upload of File with Dangerous Type in jsdecena/laracom
Moderate | CVE-2022-0472 was published for jsdecena/laracom (Composer) Feb 6, 2022

The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress...
Moderate | Unreviewed | CVE-2021-24960 was published Mar 8, 2022

An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.4.6,...
Moderate | Unreviewed | CVE-2022-3478 was published Jan 26, 2023

Acyba AcyMailing before 6.9.2 mishandles file uploads by admins.
Moderate | Unreviewed | CVE-2020-10934 was published May 24, 2022

Pimcore contains Unrestricted Upload of File with Dangerous Type
Moderate | CVE-2023-23937 was published for pimcore/pimcore (Composer) Feb 2, 2023