GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
115 advisories
Filter by severity
A vulnerability has been found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified...
Moderate
Unreviewed
CVE-2024-1005
was published
Jan 29, 2024
Aria Operations for Networks contains a local file read vulnerability. A malicious actor with...
Moderate
Unreviewed
CVE-2024-22240
was published
Feb 6, 2024
A CWE-552 “Files or Directories Accessible to External Parties” vulnerability in the embedded...
Moderate
Unreviewed
CVE-2023-45594
was published
Mar 5, 2024
In dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance Portlet, which is...
Moderate
Unreviewed
CVE-2024-3164
was published
Apr 2, 2024
Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This...
Moderate
Unreviewed
CVE-2023-39479
was published
May 3, 2024
Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation...
Moderate
Unreviewed
CVE-2023-39480
was published
May 3, 2024
Scrapy allows redirect following in protocols other than HTTP
Moderate
GHSA-23j4-mw76-5v7h
was published
for
Scrapy
(pip)
May 14, 2024
wolfictl leaks GitHub tokens to remote non-GitHub git servers
Moderate
CVE-2024-35183
was published
for
github.com/wolfi-dev/wolfictl
(Go)
May 15, 2024
A vulnerability was found in SourceCodester Online Birth Certificate Management System 1.0. It...
Moderate
Unreviewed
CVE-2024-5045
was published
May 17, 2024
A vulnerability was found in Casdoor up to 1.335.0. It has been classified as problematic....
Moderate
Unreviewed
CVE-2024-5587
was published
Jun 2, 2024
CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may...
Moderate
Unreviewed
CVE-2024-5056
was published
Jun 12, 2024
Apache Linkis DataSource allows arbitrary file reading
Moderate
CVE-2023-41916
was published
for
org.apache.linkis:linkis-datasource
(Maven)
Jul 15, 2024
Apache Linkis arbitrary file deletion vulnerability
Moderate
CVE-2024-27182
was published
for
org.apache.linkis:linkis
(Maven)
Aug 2, 2024
Priority – CWE-552: Files or Directories Accessible to External Parties
Moderate
Unreviewed
CVE-2024-41699
was published
Aug 20, 2024
A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as...
Moderate
Unreviewed
CVE-2024-8655
was published
Sep 10, 2024
ProTip!
Advisories are also available from the
GraphQL API