GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,004
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
273 advisories
Filter by severity
A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as...
Moderate
Unreviewed
CVE-2024-8655
was published
Sep 10, 2024
Files on the Windows system are accessible without authentication to external parties due to a...
High
Unreviewed
CVE-2024-6911
was published
Jul 22, 2024
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows...
Critical
Unreviewed
CVE-2024-6878
was published
Sep 18, 2024
In dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance Portlet, which is...
Moderate
Unreviewed
CVE-2024-3164
was published
Apr 2, 2024
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security...
Moderate
Unreviewed
CVE-2024-7107
was published
Sep 26, 2024
A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and...
Moderate
Unreviewed
CVE-2024-44807
was published
Oct 11, 2024
A Local File Inclusion vulnerability has been found in Axiell Iguana CMS. Due to insufficient...
Moderate
Unreviewed
CVE-2022-45052
was published
Jan 4, 2023
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to...
High
Unreviewed
CVE-2024-45276
was published
Oct 15, 2024
In AshPostgres, empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability.
Moderate
CVE-2024-49756
was published
for
ash_postgres
(Erlang)
Oct 23, 2024
OpenStack Nova vulnerable to unauthorized access to potentially sensitive data
Moderate
CVE-2024-40767
was published
for
Nova
(pip)
Jul 24, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, watchOS...
Moderate
Unreviewed
CVE-2024-23282
was published
Jun 10, 2024
OpenStack Cinder, Glance, and Nova vulnerable to arbitrary file access
High
CVE-2024-32498
was published
for
cinder
(pip)
Jul 5, 2024
A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote...
High
Unreviewed
CVE-2024-48647
was published
Oct 30, 2024
Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it...
High
Unreviewed
CVE-2024-10526
was published
Nov 7, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a...
Low
Unreviewed
CVE-2024-48838
was published
Nov 12, 2024
Craft CMS Arbitrary System File Read
High
CVE-2024-52292
was published
for
craftcms/cms
(Composer)
Nov 13, 2024
Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway...
Moderate
Unreviewed
CVE-2024-8535
was published
Nov 12, 2024
A vulnerability in Cisco IND could allow an authenticated, local attacker to read application...
Moderate
Unreviewed
CVE-2023-20039
was published
Nov 15, 2024
Apache Linkis DataSource allows arbitrary file reading
High
CVE-2023-41916
was published
for
org.apache.linkis:linkis-datasource
(Maven)
Jul 15, 2024
Apache Linkis arbitrary file deletion vulnerability
High
CVE-2024-27182
was published
for
org.apache.linkis:linkis
(Maven)
Aug 2, 2024
Local File Inclusion vulnerability in M-Files Server in versions before 24.11 (excluding 24.8 SR1...
Moderate
Unreviewed
CVE-2024-10126
was published
Nov 20, 2024
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information...
High
Unreviewed
CVE-2024-2759
was published
Apr 4, 2024
BlueCMS 1.6 suffers from Arbitrary File Deletion via the file_name parameter in an /admin...
Moderate
Unreviewed
CVE-2024-45894
was published
Oct 7, 2024
ProTip!
Advisories are also available from the
GraphQL API