GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
102 advisories
Filter by severity
Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it...
High
Unreviewed
CVE-2024-10526
was published
Nov 7, 2024
A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote...
High
Unreviewed
CVE-2024-48647
was published
Oct 30, 2024
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to...
High
Unreviewed
CVE-2024-45276
was published
Oct 15, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to...
High
Unreviewed
CVE-2024-39581
was published
Sep 10, 2024
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to...
High
Unreviewed
CVE-2024-36442
was published
Aug 22, 2024
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers...
High
Unreviewed
CVE-2024-7729
was published
Aug 14, 2024
An unauthenticated remote attacker can use this vulnerability to change the device configuration...
High
Unreviewed
CVE-2024-3913
was published
Aug 13, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions >= R9.2),...
High
Unreviewed
CVE-2024-38876
was published
Aug 2, 2024
Matrix Tafnit v8
- CWE-552: Files or Directories Accessible to External Parties
High
Unreviewed
CVE-2024-38429
was published
Jul 30, 2024
Files on the Windows system are accessible without authentication to external parties due to a...
High
Unreviewed
CVE-2024-6911
was published
Jul 22, 2024
Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25...
High
Unreviewed
CVE-2024-4836
was published
Jul 2, 2024
CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could...
High
Unreviewed
CVE-2024-2052
was published
Mar 18, 2024
MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming...
High
Unreviewed
CVE-2024-24161
was published
Feb 2, 2024
Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in...
High
Unreviewed
CVE-2023-4550
was published
Jan 29, 2024
The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to...
High
Unreviewed
CVE-2023-6266
was published
Jan 11, 2024
The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2...
High
Unreviewed
CVE-2023-6114
was published
Dec 26, 2023
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X...
High
Unreviewed
CVE-2023-39545
was published
Nov 17, 2023
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to...
High
Unreviewed
CVE-2023-31017
was published
Nov 2, 2023
The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in...
High
Unreviewed
CVE-2023-5099
was published
Oct 31, 2023
The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution...
High
Unreviewed
CVE-2023-5199
was published
Oct 30, 2023
carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end...
High
Unreviewed
CVE-2023-33517
was published
Oct 24, 2023
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read...
High
Unreviewed
CVE-2023-3155
was published
Oct 16, 2023
In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction...
High
Unreviewed
CVE-2023-45160
was published
Oct 5, 2023
A vulnerability in the on-device application development workflow feature for the Cisco IOx...
High
Unreviewed
CVE-2023-20235
was published
Oct 4, 2023
Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the...
High
Unreviewed
CVE-2023-43856
was published
Sep 27, 2023
ProTip!
Advisories are also available from the
GraphQL API