GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
257 advisories
Filter by severity
Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A...
Moderate
Unreviewed
CVE-2023-48661
was published
Dec 14, 2023
Tyler Technologies Court Case Management Plus may store backups in a location that can be...
Moderate
Unreviewed
CVE-2023-6375
was published
Nov 30, 2023
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X...
High
Unreviewed
CVE-2023-39545
was published
Nov 17, 2023
Local Temp Directory Hijacking Vulnerability
High
CVE-2020-27216
was published
for
org.eclipse.jetty:jetty-webapp
(Maven)
Nov 4, 2020
Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4...
High
Unreviewed
CVE-2021-31831
was published
May 24, 2022
The Front End PM WordPress plugin before 11.4.3 does not block listing the contents of the...
Moderate
Unreviewed
CVE-2023-4930
was published
Nov 6, 2023
In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which...
High
Unreviewed
CVE-2021-44315
was published
Dec 17, 2021
Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows...
Moderate
Unreviewed
CVE-2023-42534
was published
Nov 13, 2023
The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution...
High
Unreviewed
CVE-2023-5199
was published
Oct 30, 2023
The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in...
High
Unreviewed
CVE-2023-5099
was published
Oct 31, 2023
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to...
High
Unreviewed
CVE-2023-31017
was published
Nov 2, 2023
In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction...
High
Unreviewed
CVE-2023-45160
was published
Oct 5, 2023
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic....
Low
Unreviewed
CVE-2023-4743
was published
Sep 4, 2023
Apache InLong has Files or Directories Accessible to External Parties
High
CVE-2023-31064
was published
for
org.apache.inlong:manager-workflow
(Maven)
Jul 6, 2023
Apache InLong has Files or Directories Accessible to External Parties in Apache InLong
Critical
CVE-2023-31066
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 6, 2023
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit...
Moderate
Unreviewed
CVE-2023-47612
was published
Nov 9, 2023
A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This...
Low
Unreviewed
CVE-2023-5297
was published
Sep 30, 2023
A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some...
Moderate
Unreviewed
CVE-2023-2766
was published
May 17, 2023
Dolibarr vulnerable to unauthenticated database access
High
CVE-2023-33568
was published
for
dolibarr/dolibarr
(Composer)
Jun 13, 2023
In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing file
Low
CVE-2023-32684
was published
for
github.com/lima-vm/lima
(Go)
May 31, 2023
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker...
Moderate
Unreviewed
CVE-2021-1512
was published
May 24, 2022
The Helpful WordPress plugin before 4.5.26 puts the exported logs and feedbacks in a publicly...
Moderate
Unreviewed
CVE-2022-2834
was published
Oct 17, 2022
Missing authorization in xwiki-platform
Moderate
CVE-2022-23621
was published
for
org.xwiki.platform:xwiki-platform-oldcore
(Maven)
Feb 9, 2022
Keycloak has Files or Directories Accessible to External Parties
Moderate
CVE-2021-3856
was published
for
org.keycloak:keycloak-core
(Maven)
Aug 27, 2022
ProTip!
Advisories are also available from the
GraphQL API