Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

112 advisories

Loading
ChestnutCMS <=1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller... High Unreviewed
CVE-2024-57452 was published Feb 3, 2025
Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021... High Unreviewed
CVE-2023-29080 was published Jan 30, 2025
?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior... High Unreviewed
CVE-2023-34316 was published Jul 10, 2023
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to... High Unreviewed
CVE-2024-45276 was published Oct 15, 2024
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.80), SIPROTEC... High Unreviewed
CVE-2024-53649 was published Jan 14, 2025
The CGI script <redacted>.sh can be used to download any file on the filesystem. This issue... High Unreviewed
CVE-2024-43660 was published Jan 9, 2025
A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker... High Unreviewed
CVE-2024-52047 was published Dec 31, 2024
jfinal CMS 5.1.0 has an arbitrary file read vulnerability. High Unreviewed
CVE-2023-34645 was published Jun 16, 2023
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation... High Unreviewed
CVE-2024-50627 was published Dec 10, 2024
Configuration Download vulnerabilities allow access to dependency configuration information. ... High Unreviewed
CVE-2024-51542 was published Dec 5, 2024
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the ... High Unreviewed
CVE-2023-36664 was published Jun 26, 2023
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information... High Unreviewed
CVE-2024-2759 was published Apr 4, 2024
Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it... High Unreviewed
CVE-2024-10526 was published Nov 7, 2024
A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote... High Unreviewed
CVE-2024-48647 was published Oct 30, 2024
Files on the Windows system are accessible without authentication to external parties due to a... High Unreviewed
CVE-2024-6911 was published Jul 22, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to... High Unreviewed
CVE-2024-39581 was published Sep 10, 2024
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to... High Unreviewed
CVE-2024-36442 was published Aug 22, 2024
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers... High Unreviewed
CVE-2024-7729 was published Aug 14, 2024
An unauthenticated remote attacker can use this vulnerability to change the device configuration... High Unreviewed
CVE-2024-3913 was published Aug 13, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions >= R9.2),... High Unreviewed
CVE-2024-38876 was published Aug 2, 2024
Matrix Tafnit v8 -  CWE-552: Files or Directories Accessible to External Parties High Unreviewed
CVE-2024-38429 was published Jul 30, 2024
Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25... High Unreviewed
CVE-2024-4836 was published Jul 2, 2024
carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end... High Unreviewed
CVE-2023-33517 was published Oct 24, 2023
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could... High Unreviewed
CVE-2020-3267 was published May 24, 2022
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read... High Unreviewed
CVE-2023-3155 was published Oct 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database