GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,537
Composer 4,454
Erlang 33
GitHub Actions 22
Go 2,153
Maven 5,330
npm 3,818
NuGet 693
pip 3,492
Pub 12
RubyGems 902
Rust 903
Swift 38

Unreviewed advisories

All unreviewed 246,969

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

121 advisories

Filter by severity

Sort by

Least recently updated

Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All... High Unreviewed

CVE-2024-12917 was published Feb 24, 2025

In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205),... High Unreviewed

CVE-2024-11629 was published Feb 12, 2025

Local File Inclusion vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to... High Unreviewed

CVE-2024-55214 was published Feb 7, 2025

Directory Traversal vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to... High Unreviewed

CVE-2024-55213 was published Feb 7, 2025

ChestnutCMS <=1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller... High Unreviewed

CVE-2024-57452 was published Feb 3, 2025

Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021... High Unreviewed

CVE-2023-29080 was published Jan 30, 2025

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.80), SIPROTEC... High Unreviewed

CVE-2024-53649 was published Jan 14, 2025

The CGI script <redacted>.sh can be used to download any file on the filesystem. This issue... High Unreviewed

CVE-2024-43660 was published Jan 9, 2025

A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker... High Unreviewed

CVE-2024-52047 was published Dec 31, 2024

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation... High Unreviewed

CVE-2024-50627 was published Dec 10, 2024

Configuration Download vulnerabilities allow access to dependency configuration information. ... High Unreviewed

CVE-2024-51542 was published Dec 5, 2024

Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it... High Unreviewed

CVE-2024-10526 was published Nov 7, 2024

A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote... High Unreviewed

CVE-2024-48647 was published Oct 30, 2024

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to... High Unreviewed

CVE-2024-45276 was published Oct 15, 2024

Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to... High Unreviewed

CVE-2024-39581 was published Sep 10, 2024

cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to... High Unreviewed

CVE-2024-36442 was published Aug 22, 2024

The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers... High Unreviewed

CVE-2024-7729 was published Aug 14, 2024

An unauthenticated remote attacker can use this vulnerability to change the device configuration... High Unreviewed

CVE-2024-3913 was published Aug 13, 2024

A vulnerability has been identified in Omnivise T3000 Application Server (All versions >= R9.2),... High Unreviewed

CVE-2024-38876 was published Aug 2, 2024

Matrix Tafnit v8 - CWE-552: Files or Directories Accessible to External Parties High Unreviewed

CVE-2024-38429 was published Jul 30, 2024

Files on the Windows system are accessible without authentication to external parties due to a... High Unreviewed

CVE-2024-6911 was published Jul 22, 2024

Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25... High Unreviewed

CVE-2024-4836 was published Jul 2, 2024

The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Local File... High Unreviewed

CVE-2024-3564 was published Jun 1, 2024

Improper access control vulnerability in Apaczka plugin for PrestaShop allows information... High Unreviewed

CVE-2024-2759 was published Apr 4, 2024

CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could... High Unreviewed

CVE-2024-2052 was published Mar 18, 2024

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

121 advisories