Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

102 advisories

Loading
Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it... High Unreviewed
CVE-2024-10526 was published Nov 7, 2024
A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote... High Unreviewed
CVE-2024-48647 was published Oct 30, 2024
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to... High Unreviewed
CVE-2024-45276 was published Oct 15, 2024
Files on the Windows system are accessible without authentication to external parties due to a... High Unreviewed
CVE-2024-6911 was published Jul 22, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to... High Unreviewed
CVE-2024-39581 was published Sep 10, 2024
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to... High Unreviewed
CVE-2024-36442 was published Aug 22, 2024
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers... High Unreviewed
CVE-2024-7729 was published Aug 14, 2024
An unauthenticated remote attacker can use this vulnerability to change the device configuration... High Unreviewed
CVE-2024-3913 was published Aug 13, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions >= R9.2),... High Unreviewed
CVE-2024-38876 was published Aug 2, 2024
Matrix Tafnit v8 -  CWE-552: Files or Directories Accessible to External Parties High Unreviewed
CVE-2024-38429 was published Jul 30, 2024
Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25... High Unreviewed
CVE-2024-4836 was published Jul 2, 2024
carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end... High Unreviewed
CVE-2023-33517 was published Oct 24, 2023
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could... High Unreviewed
CVE-2020-3267 was published May 24, 2022
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read... High Unreviewed
CVE-2023-3155 was published Oct 16, 2023
Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the... High Unreviewed
CVE-2023-43856 was published Sep 27, 2023
Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit,... High Unreviewed
CVE-2023-3712 was published Sep 12, 2023
Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read... High Unreviewed
CVE-2023-38952 was published Aug 4, 2023
An arbitrary file download vulnerability in the /c/PluginsController.php component of jizhi CMS 1... High Unreviewed
CVE-2023-38948 was published Aug 3, 2023
JavaScript pre-processing can be used by the attacker to gain access to the file system (read... High Unreviewed
CVE-2023-29450 was published Jul 13, 2023
jfinal CMS 5.1.0 has an arbitrary file read vulnerability. High Unreviewed
CVE-2023-34645 was published Jun 16, 2023
The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate... High Unreviewed
CVE-2023-2180 was published May 15, 2023
** DISPUTED ** The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27... High Unreviewed
CVE-2019-13404 was published May 24, 2022
CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could... High Unreviewed
CVE-2024-2052 was published Mar 18, 2024
MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming... High Unreviewed
CVE-2024-24161 was published Feb 2, 2024
Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in... High Unreviewed
CVE-2023-4550 was published Jan 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database