Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,152
Maven
5,000+
npm
3,816
NuGet
690
pip
3,490
Pub
12
RubyGems
902
Rust
900
Swift
38
Unreviewed advisories
All unreviewed
5,000+

311 advisories

Loading
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v <=3.08.01; NEXUS Series v <... Critical Unreviewed
CVE-2024-6209 was published Jul 5, 2024
OpenStack Cinder, Glance, and Nova vulnerable to arbitrary file access High
CVE-2024-32498 was published for cinder (pip) Jul 5, 2024
Duplicate Advisory: Gogs allows deletion of internal files Critical
GHSA-2vgj-3pvg-xh4w was published for github.com/gogs/gogs (Go) Jul 4, 2024 withdrawn
Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25... High Unreviewed
CVE-2024-4836 was published Jul 2, 2024
CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may... Moderate Unreviewed
CVE-2024-5056 was published Jun 12, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, watchOS... Moderate Unreviewed
CVE-2024-23282 was published Jun 10, 2024
Files or Directories Accessible to External Parties in ProjectDiscovery Critical
CVE-2024-5262 was published for github.com/projectdiscovery/interactsh (Go) Jun 5, 2024
A vulnerability was found in Casdoor up to 1.335.0. It has been classified as problematic.... Moderate Unreviewed
CVE-2024-5587 was published Jun 2, 2024
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2024-3564 was published Jun 1, 2024
A vulnerability was found in SourceCodester Online Birth Certificate Management System 1.0. It... Moderate Unreviewed
CVE-2024-5045 was published May 17, 2024
wolfictl leaks GitHub tokens to remote non-GitHub git servers Moderate
CVE-2024-35183 was published for github.com/wolfi-dev/wolfictl (Go) May 15, 2024
luhring
Scrapy allows redirect following in protocols other than HTTP Moderate
GHSA-23j4-mw76-5v7h was published for Scrapy (pip) May 14, 2024
An arbitrary file deletion vulnerability exists in PaperCut NG/MF that only affects Windows... Moderate Unreviewed
CVE-2024-3037 was published May 14, 2024
Pterodactyl Wings vulnerable to Arbitrary File Write/Read High
CVE-2024-34066 was published for github.com/pterodactyl/wings (Go) May 3, 2024
TrixterTheTux matthewpi
Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This... Moderate Unreviewed
CVE-2023-39479 was published May 3, 2024
Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation... Moderate Unreviewed
CVE-2023-39480 was published May 3, 2024
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information... High Unreviewed
CVE-2024-2759 was published Apr 4, 2024
In dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance Portlet, which is... Moderate Unreviewed
CVE-2024-3164 was published Apr 2, 2024
CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could... High Unreviewed
CVE-2024-2052 was published Mar 18, 2024
A CWE-552 “Files or Directories Accessible to External Parties” vulnerability in the embedded... Moderate Unreviewed
CVE-2023-45594 was published Mar 5, 2024
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-21403 was published Feb 13, 2024
Aria Operations for Networks contains a local file read vulnerability. A malicious actor with... Moderate Unreviewed
CVE-2024-22240 was published Feb 6, 2024
MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming... High Unreviewed
CVE-2024-24161 was published Feb 2, 2024
Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in... High Unreviewed
CVE-2023-4550 was published Jan 29, 2024
A vulnerability has been found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified... Moderate Unreviewed
CVE-2024-1005 was published Jan 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database