GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,876
Erlang: 37
GitHub Actions: 37
Go: 2,526
Maven: 5,000+
npm: 4,189
NuGet: 742
pip: 3,968
Pub: 12
RubyGems: 947
Rust: 1,030
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
3,052 advisories
Garage Management System v1.0 is vulnerable to Arbitrary code execution via ip/garage/php_action...
    High | Unreviewed | CVE-2022-38877 was published Sep 17, 2022
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to...
    Critical | Unreviewed | CVE-2022-40981 was published Nov 11, 2022
AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component ...
    Critical | Unreviewed | CVE-2022-43074 was published Nov 11, 2022
A vulnerability was found in jerryhanjj ERP. It has been declared as critical. Affected by this...
    High | Unreviewed | CVE-2022-3944 was published Nov 11, 2022
The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress...
    High | Unreviewed | CVE-2022-2594 was published Aug 23, 2022
A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script. It has been...
    High | Unreviewed | CVE-2022-2909 was published Aug 21, 2022
Baijicms v4 was discovered to contain an arbitrary file upload vulnerability.
    Critical | Unreviewed | CVE-2022-35150 was published Aug 23, 2022
The administrative server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO...
    High | Unreviewed | CVE-2019-8992 was published May 24, 2022
Linear eMerge E3-Series devices allow Unrestricted File Upload.
    Critical | Unreviewed | CVE-2019-7257 was published May 24, 2022
Interspire Email Marketer through 6.5.0 allows arbitrary file upload via a surveys_submit.php ...
    High | Unreviewed | CVE-2022-40777 was published Oct 12, 2022
Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE)...
    Critical | Unreviewed | CVE-2022-30887 was published May 21, 2022
Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary file upload vulnerability.
    Critical | Unreviewed | CVE-2022-28104 was published May 21, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0...
    Moderate | Unreviewed | CVE-2022-22482 was published May 18, 2022
Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload...
    High | Unreviewed | CVE-2022-41533 was published Oct 14, 2022
A remote code execution (RCE) vulnerability in Subconverter v0.7.2 allows attackers to execute...
    Critical | Unreviewed | CVE-2022-28927 was published May 20, 2022
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.
    High | Unreviewed | CVE-2022-1752 was published May 22, 2022
Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root.
    Critical | Unreviewed | CVE-2019-7274 was published May 24, 2022
Linear eMerge 50P/5000P devices allow Unauthenticated File Upload.
    Critical | Unreviewed | CVE-2019-7268 was published May 24, 2022
Akeneo PIM Community Edition vulnerable to remote php code execution
    High | CVE-2022-46157 was published for akeneo/pim-community-dev (Composer) Dec 9, 2022
An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an...
    Critical | Unreviewed | CVE-2019-9642 was published May 24, 2022
ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in remote code...
    High | Unreviewed | CVE-2019-12169 was published May 24, 2022
SeedDMS before 5.1.11 allows Remote Command Execution (RCE) because of unvalidated file upload of...
    High | Unreviewed | CVE-2019-12744 was published May 24, 2022
In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.
    High | Unreviewed | CVE-2022-46828 was published Dec 8, 2022
SENS v1.0 has a file upload vulnerability.
    High | Unreviewed | CVE-2022-45759 was published Dec 12, 2022
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been declared...
    Critical | Unreviewed | CVE-2023-0257 was published Jan 13, 2023
ProTip! Advisories are also available from the GraphQL API.