Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

120 advisories

Loading
Some Dahua software products have a vulnerability of unrestricted download of file. After... Moderate Unreviewed
CVE-2022-45426 was published Dec 27, 2022
The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it... Moderate Unreviewed
CVE-2022-4236 was published Jan 3, 2023
A Local File Inclusion vulnerability has been found in Axiell Iguana CMS. Due to insufficient... Moderate Unreviewed
CVE-2022-45052 was published Jan 4, 2023
A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0... Moderate Unreviewed
CVE-2022-45440 was published Jan 17, 2023
OpenStack Swift XML external entities (XXE) Injection Moderate
CVE-2022-47950 was published for swift (pip) Jan 18, 2023
The All-In-One Security (AIOS) WordPress plugin before 5.1.3 leaked settings of the plugin... Moderate Unreviewed
CVE-2022-4346 was published Jan 23, 2023
lmxcms v1.41 was discovered to contain an arbitrary file read vulnerability via TemplateAction... Moderate Unreviewed
CVE-2022-48094 was published Feb 1, 2023
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1... Moderate Unreviewed
CVE-2023-29107 was published May 9, 2023
A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some... Moderate Unreviewed
CVE-2023-2766 was published May 17, 2023
Guava vulnerable to insecure use of temporary directory Moderate
CVE-2023-2976 was published for com.google.guava:guava (Maven) Jun 14, 2023
A CWE-552 "Files or Directories Accessible to External Parties” in the web interface of the Tyan... Moderate Unreviewed
CVE-2023-2538 was published Jul 5, 2023
Sysaid - CWE-552: Files or Directories Accessible to External Parties -  Authenticated users... Moderate Unreviewed
CVE-2023-32226 was published Jul 30, 2023
In multiple Codesys products in multiple versions, after successful authentication as a user,... Moderate Unreviewed
CVE-2023-37551 was published Aug 3, 2023
An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an... Moderate Unreviewed
CVE-2023-4475 was published Aug 22, 2023
Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local... Moderate Unreviewed
CVE-2023-41717 was published Aug 31, 2023
File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002... Moderate Unreviewed
CVE-2023-4588 was published Sep 6, 2023
Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged... Moderate Unreviewed
CVE-2023-5101 was published Oct 9, 2023
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the... Moderate Unreviewed
CVE-2023-4933 was published Oct 16, 2023
The Front End PM WordPress plugin before 11.4.3 does not block listing the contents of the... Moderate Unreviewed
CVE-2023-4930 was published Nov 6, 2023
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit... Moderate Unreviewed
CVE-2023-47612 was published Nov 9, 2023
Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows... Moderate Unreviewed
CVE-2023-42534 was published Nov 13, 2023
Tyler Technologies Court Case Management Plus may store backups in a location that can be... Moderate Unreviewed
CVE-2023-6375 was published Nov 30, 2023
The File Manager WordPress plugin before 6.3 does not restrict the file managers root directory,... Moderate Unreviewed
CVE-2023-5907 was published Dec 11, 2023
Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A... Moderate Unreviewed
CVE-2023-48661 was published Dec 14, 2023
Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation... Moderate Unreviewed
CVE-2023-52112 was published Jan 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database