Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

121 advisories

Loading
Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All... High Unreviewed
CVE-2024-12917 was published Feb 24, 2025
Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <... High Unreviewed
CVE-2022-33901 was published Jul 23, 2022
Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion. High Unreviewed
CVE-2023-25260 was published Mar 28, 2023
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2024-3564 was published Jun 1, 2024
amano Xparc parking solutions 7.1.3879 was discovered to be vulnerable to local file inclusion. High Unreviewed
CVE-2023-23330 was published Mar 28, 2023
The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests... High Unreviewed
CVE-2023-1124 was published Apr 3, 2023
In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205),... High Unreviewed
CVE-2024-11629 was published Feb 12, 2025
GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup... High Unreviewed
CVE-2023-27180 was published Apr 7, 2023
Directory Traversal vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to... High Unreviewed
CVE-2024-55213 was published Feb 7, 2025
Local File Inclusion vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to... High Unreviewed
CVE-2024-55214 was published Feb 7, 2025
ChestnutCMS <=1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller... High Unreviewed
CVE-2024-57452 was published Feb 3, 2025
Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021... High Unreviewed
CVE-2023-29080 was published Jan 30, 2025
?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior... High Unreviewed
CVE-2023-34316 was published Jul 10, 2023
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to... High Unreviewed
CVE-2024-45276 was published Oct 15, 2024
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.80), SIPROTEC... High Unreviewed
CVE-2024-53649 was published Jan 14, 2025
The CGI script <redacted>.sh can be used to download any file on the filesystem. This issue... High Unreviewed
CVE-2024-43660 was published Jan 9, 2025
A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker... High Unreviewed
CVE-2024-52047 was published Dec 31, 2024
jfinal CMS 5.1.0 has an arbitrary file read vulnerability. High Unreviewed
CVE-2023-34645 was published Jun 16, 2023
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation... High Unreviewed
CVE-2024-50627 was published Dec 10, 2024
Configuration Download vulnerabilities allow access to dependency configuration information. ... High Unreviewed
CVE-2024-51542 was published Dec 5, 2024
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the ... High Unreviewed
CVE-2023-36664 was published Jun 26, 2023
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information... High Unreviewed
CVE-2024-2759 was published Apr 4, 2024
Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it... High Unreviewed
CVE-2024-10526 was published Nov 7, 2024
A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote... High Unreviewed
CVE-2024-48647 was published Oct 30, 2024
Files on the Windows system are accessible without authentication to external parties due to a... High Unreviewed
CVE-2024-6911 was published Jul 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database