Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

13 advisories

Loading
Zenario allows authenticated admin users to upload PDF files containing malicious code Low
CVE-2024-45960 was published for tribalsystems/zenario (Composer) Oct 2, 2024
October allows an admin account to upload PDF containing malicious JavaScript Low
CVE-2024-45962 was published for october/october (Composer) Oct 2, 2024
LibreNMS vulnerable to Stored Cross-site Scripting via File Upload Low
CVE-2024-47528 was published for librenms/librenms (Composer) Oct 1, 2024
minhnq1618
SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload... Low Unreviewed
CVE-2024-41731 was published Aug 13, 2024
SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload... Low Unreviewed
CVE-2024-28166 was published Aug 13, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11... Low Unreviewed
CVE-2024-6595 was published Jul 17, 2024
Due to missing verification of file type or content, SAP Enable Now allows an authenticated... Low Unreviewed
CVE-2024-34692 was published Jul 9, 2024
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow an authenticated user to upload... Low Unreviewed
CVE-2023-47711 was published May 14, 2024
An undisclosed issue in Trusteer iOS SDK for mobile versions prior to 5.7 and Trusteer Android... Low Unreviewed
CVE-2022-42443 was published Feb 17, 2024
Jenkins temporary uploaded file created with insecure permissions Low
CVE-2023-43497 was published for org.jenkins-ci.main:jenkins-core (Maven) Sep 20, 2023
A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected... Low Unreviewed
CVE-2023-3800 was published Jul 21, 2023
OctoPrint vulnerable to Unrestricted Upload of File with Dangerous Type Low
CVE-2022-2872 was published for OctoPrint (pip) Sep 22, 2022
IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious... Low Unreviewed
CVE-2022-22450 was published Jul 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database