GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
480 advisories
Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with...
Moderate | Unreviewed | CVE-2019-19493 was published May 24, 2022

Magento Unrestricted file upload vulnerability
Moderate | CVE-2019-8140 was published for magento/community-edition (Composer) May 24, 2022

ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to upload arbitrary local...
Moderate | Unreviewed | CVE-2019-17325 was published May 24, 2022

Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Dangerous Type via the...
Moderate | Unreviewed | CVE-2019-17536 was published May 24, 2022

An issue was discovered in PRiSE adAS 1.7.0. A file's format is not properly checked, leading to...
Moderate | Unreviewed | CVE-2019-14916 was published May 24, 2022

An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation...
Moderate | Unreviewed | CVE-2019-14748 was published May 24, 2022

cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload...
Moderate | Unreviewed | CVE-2018-20925 was published May 24, 2022

IBM Maximo Asset Management 7.6 Work Centers' application does not validate file type upon upload...
Moderate | Unreviewed | CVE-2019-4056 was published May 24, 2022

An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any...
Moderate | Unreviewed | CVE-2017-11561 was published May 24, 2022

An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload,...
Moderate | Unreviewed | CVE-2019-6513 was published May 24, 2022

An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary...
Moderate | Unreviewed | CVE-2019-8404 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0...
Moderate | Unreviewed | CVE-2022-22482 was published May 18, 2022

MoinMoin Multiple unrestricted file upload vulnerabilities
Moderate | CVE-2012-6081 was published for moin (pip) May 17, 2022

Unrestricted file upload vulnerability in the Document Builder in IBM Rational Publishing Engine ...
Moderate | Unreviewed | CVE-2016-2914 was published May 17, 2022

Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before...
Moderate | Unreviewed | CVE-2015-4524 was published May 17, 2022

IBM Rhapsody DM 4.0, 5.0 and 6.0 contains an undisclosed vulnerability that may allow an...
Moderate | Unreviewed | CVE-2016-8973 was published May 17, 2022

In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low...
Moderate | Unreviewed | CVE-2017-7989 was published May 17, 2022

The file_manager component in eFront CMS before 3.6.15.5 allows remote authenticated users to...
Moderate | Unreviewed | CVE-2015-4463 was published May 17, 2022

Absolute path traversal vulnerability in the file_manager component of eFront CMS before 3.6.15.5...
Moderate | Unreviewed | CVE-2015-4462 was published May 17, 2022

IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user to upload...
Moderate | Unreviewed | CVE-2016-0354 was published May 17, 2022

Mojoomla Annual Maintenance Contract (AMC) Management System allows Arbitrary File Upload in...
Moderate | Unreviewed | CVE-2017-14841 was published May 17, 2022

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated,...
Moderate | Unreviewed | CVE-2017-12332 was published May 17, 2022

In CMS Made Simple (CMSMS) through 2.2.7, the "file move" operation in the admin dashboard...
Moderate | Unreviewed | CVE-2018-10521 was published May 14, 2022

baserCMS arbitrary file upload vulnerability
Moderate | CVE-2018-0571 was published for baserproject/basercms (Composer) May 14, 2022

Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager...
Moderate | Unreviewed | CVE-2018-16373 was published May 14, 2022