GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
211 advisories
Filter by severity
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows...
Critical
Unreviewed
CVE-2024-6878
was published
Sep 18, 2024
Files on the Windows system are accessible without authentication to external parties due to a...
High
Unreviewed
CVE-2024-6911
was published
Jul 22, 2024
A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as...
Moderate
Unreviewed
CVE-2024-8655
was published
Sep 10, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to...
High
Unreviewed
CVE-2024-39581
was published
Sep 10, 2024
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to...
High
Unreviewed
CVE-2024-36442
was published
Aug 22, 2024
Priority – CWE-552: Files or Directories Accessible to External Parties
Moderate
Unreviewed
CVE-2024-41699
was published
Aug 20, 2024
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers...
High
Unreviewed
CVE-2024-7729
was published
Aug 14, 2024
An unauthenticated remote attacker can use this vulnerability to change the device configuration...
High
Unreviewed
CVE-2024-3913
was published
Aug 13, 2024
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v <=3.08.01; NEXUS Series
v <...
Critical
Unreviewed
CVE-2024-6209
was published
Jul 5, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions >= R9.2),...
High
Unreviewed
CVE-2024-38876
was published
Aug 2, 2024
Matrix Tafnit v8
- CWE-552: Files or Directories Accessible to External Parties
High
Unreviewed
CVE-2024-38429
was published
Jul 30, 2024
In dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance Portlet, which is...
Moderate
Unreviewed
CVE-2024-3164
was published
Apr 2, 2024
Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25...
High
Unreviewed
CVE-2024-4836
was published
Jul 2, 2024
CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may...
Moderate
Unreviewed
CVE-2024-5056
was published
Jun 12, 2024
A vulnerability was found in Casdoor up to 1.335.0. It has been classified as problematic....
Moderate
Unreviewed
CVE-2024-5587
was published
Jun 2, 2024
A vulnerability was found in SourceCodester Online Birth Certificate Management System 1.0. It...
Moderate
Unreviewed
CVE-2024-5045
was published
May 17, 2024
Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation...
Moderate
Unreviewed
CVE-2023-39480
was published
May 3, 2024
Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This...
Moderate
Unreviewed
CVE-2023-39479
was published
May 3, 2024
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-21403
was published
Feb 13, 2024
carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end...
High
Unreviewed
CVE-2023-33517
was published
Oct 24, 2023
Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local...
Moderate
Unreviewed
CVE-2023-41717
was published
Aug 31, 2023
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could...
High
Unreviewed
CVE-2020-3267
was published
May 24, 2022
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read...
High
Unreviewed
CVE-2023-3155
was published
Oct 16, 2023
Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an
unprivileged...
Moderate
Unreviewed
CVE-2023-5101
was published
Oct 9, 2023
Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the...
High
Unreviewed
CVE-2023-43856
was published
Sep 27, 2023
ProTip!
Advisories are also available from the
GraphQL API