Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

122 advisories

Loading
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to... High Unreviewed
CVE-2024-39581 was published Sep 10, 2024
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to... High Unreviewed
CVE-2024-36442 was published Aug 22, 2024
Apache SeaTunnel SQL Injection vulnerability High
CVE-2023-49198 was published for org.apache.seatunnel:seatunnel (Maven) Aug 21, 2024
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers... High Unreviewed
CVE-2024-7729 was published Aug 14, 2024
An unauthenticated remote attacker can use this vulnerability to change the device configuration... High Unreviewed
CVE-2024-3913 was published Aug 13, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions >= R9.2),... High Unreviewed
CVE-2024-38876 was published Aug 2, 2024
Matrix Tafnit v8 -  CWE-552: Files or Directories Accessible to External Parties High Unreviewed
CVE-2024-38429 was published Jul 30, 2024
Files on the Windows system are accessible without authentication to external parties due to a... High Unreviewed
CVE-2024-6911 was published Jul 22, 2024
Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25... High Unreviewed
CVE-2024-4836 was published Jul 2, 2024
Pterodactyl Wings vulnerable to Arbitrary File Write/Read High
CVE-2024-34066 was published for github.com/pterodactyl/wings (Go) May 3, 2024
TrixterTheTux matthewpi
CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could... High Unreviewed
CVE-2024-2052 was published Mar 18, 2024
MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming... High Unreviewed
CVE-2024-24161 was published Feb 2, 2024
Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in... High Unreviewed
CVE-2023-4550 was published Jan 29, 2024
The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to... High Unreviewed
CVE-2023-6266 was published Jan 11, 2024
The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2... High Unreviewed
CVE-2023-6114 was published Dec 26, 2023
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X... High Unreviewed
CVE-2023-39545 was published Nov 17, 2023
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to... High Unreviewed
CVE-2023-31017 was published Nov 2, 2023
The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in... High Unreviewed
CVE-2023-5099 was published Oct 31, 2023
The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution... High Unreviewed
CVE-2023-5199 was published Oct 30, 2023
carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end... High Unreviewed
CVE-2023-33517 was published Oct 24, 2023
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read... High Unreviewed
CVE-2023-3155 was published Oct 16, 2023
In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction... High Unreviewed
CVE-2023-45160 was published Oct 5, 2023
A vulnerability in the on-device application development workflow feature for the Cisco IOx... High Unreviewed
CVE-2023-20235 was published Oct 4, 2023
Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the... High Unreviewed
CVE-2023-43856 was published Sep 27, 2023
Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit,... High Unreviewed
CVE-2023-3712 was published Sep 12, 2023
ProTip! Advisories are also available from the GraphQL API