Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

269 advisories

Loading
Apache Struts vulnerable to path traversal Critical
CVE-2023-50164 was published for org.apache.struts:struts2-core (Maven) Dec 7, 2023
yoshizawa-masatoshi henrikplate
Tyler Technologies Court Case Management Plus may store backups in a location that can be... Moderate Unreviewed
CVE-2023-6375 was published Nov 30, 2023
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X... High Unreviewed
CVE-2023-39545 was published Nov 17, 2023
Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows... Moderate Unreviewed
CVE-2023-42534 was published Nov 13, 2023
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit... Moderate Unreviewed
CVE-2023-47612 was published Nov 9, 2023
The Front End PM WordPress plugin before 11.4.3 does not block listing the contents of the... Moderate Unreviewed
CVE-2023-4930 was published Nov 6, 2023
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to... High Unreviewed
CVE-2023-31017 was published Nov 2, 2023
The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in... High Unreviewed
CVE-2023-5099 was published Oct 31, 2023
The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution... High Unreviewed
CVE-2023-5199 was published Oct 30, 2023
carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end... High Unreviewed
CVE-2023-33517 was published Oct 24, 2023
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the... Moderate Unreviewed
CVE-2023-4933 was published Oct 16, 2023
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read... High Unreviewed
CVE-2023-3155 was published Oct 16, 2023
Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged... Moderate Unreviewed
CVE-2023-5101 was published Oct 9, 2023
In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction... High Unreviewed
CVE-2023-45160 was published Oct 5, 2023
A vulnerability in the on-device application development workflow feature for the Cisco IOx... High Unreviewed
CVE-2023-20235 was published Oct 4, 2023
A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This... Low Unreviewed
CVE-2023-5297 was published Sep 30, 2023
Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the... High Unreviewed
CVE-2023-43856 was published Sep 27, 2023
Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit,... High Unreviewed
CVE-2023-3712 was published Sep 12, 2023
File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002... Moderate Unreviewed
CVE-2023-4588 was published Sep 6, 2023
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic.... Low Unreviewed
CVE-2023-4743 was published Sep 4, 2023
Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local... Moderate Unreviewed
CVE-2023-41717 was published Aug 31, 2023
An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an... Moderate Unreviewed
CVE-2023-4475 was published Aug 22, 2023
Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read... High Unreviewed
CVE-2023-38952 was published Aug 4, 2023
An arbitrary file download vulnerability in the /c/PluginsController.php component of jizhi CMS 1... High Unreviewed
CVE-2023-38948 was published Aug 3, 2023
In multiple Codesys products in multiple versions, after successful authentication as a user,... Moderate Unreviewed
CVE-2023-37551 was published Aug 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database