GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
397 advisories
Filter by severity
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management...
Moderate
Unreviewed
CVE-2021-46078
was published
Jan 7, 2022
On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before...
Moderate
Unreviewed
CVE-2022-23026
was published
Jan 26, 2022
The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress...
Moderate
Unreviewed
CVE-2021-24960
was published
Mar 8, 2022
Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.
Moderate
Unreviewed
CVE-2022-1045
was published
Apr 12, 2022
ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which...
Moderate
Unreviewed
CVE-2004-2262
was published
Apr 29, 2022
The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote...
Moderate
Unreviewed
CVE-2001-1099
was published
Apr 30, 2022
The document management module in NOLA 1.1.1 and 1.1.2 does not restrict the types of files that...
Moderate
Unreviewed
CVE-2002-1841
was published
Apr 30, 2022
BibORB 1.3.2, and possibly earlier versions, does not properly enforce a restriction for...
Moderate
Unreviewed
CVE-2005-0254
was published
May 1, 2022
Mailsite Express allows remote attackers to upload and execute files with executable extensions...
Moderate
Unreviewed
CVE-2005-3288
was published
May 1, 2022
add.asp in DUware DUbanner 3.1 allows remote attackers to execute arbitrary code by uploading...
Moderate
Unreviewed
CVE-2006-2428
was published
May 1, 2022
The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users...
Moderate
Unreviewed
CVE-2006-4471
was published
May 1, 2022
Unrestricted file upload vulnerability in index.php in Speedywiki 2.0 allows remote authenticated...
Moderate
Unreviewed
CVE-2006-5845
was published
May 1, 2022
Unrestricted file upload vulnerability in add.asp in OzzyWork Gallery, possibly 2.0 and earlier,...
Moderate
Unreviewed
CVE-2006-6994
was published
May 1, 2022
Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG...
Moderate
Unreviewed
CVE-2016-10258
was published
May 13, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate
Unreviewed
CVE-2018-15424
was published
May 13, 2022
Adobe Connect versions 9.7 and earlier have an exploitable unrestricted SWF file upload...
Moderate
Unreviewed
CVE-2018-4921
was published
May 13, 2022
Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for...
Moderate
Unreviewed
CVE-2018-0587
was published
May 13, 2022
On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user...
Moderate
Unreviewed
CVE-2018-15333
was published
May 13, 2022
In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via...
Moderate
Unreviewed
CVE-2017-11404
was published
May 13, 2022
In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via...
Moderate
Unreviewed
CVE-2017-11405
was published
May 13, 2022
class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does not ensure that a...
Moderate
Unreviewed
CVE-2019-9692
was published
May 14, 2022
Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to...
Moderate
Unreviewed
CVE-2019-8394
was published
May 14, 2022
In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system...
Moderate
Unreviewed
CVE-2018-16093
was published
May 14, 2022
LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5,...
Moderate
Unreviewed
CVE-2018-16097
was published
May 14, 2022
An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number...
Moderate
Unreviewed
CVE-2018-18565
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API