GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,715
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
273 advisories
Filter by severity
Local File Inclusion vulnerability in M-Files Server in versions before 24.11 (excluding 24.8 SR1...
Moderate
Unreviewed
CVE-2024-10126
was published
Nov 20, 2024
A vulnerability in Cisco IND could allow an authenticated, local attacker to read application...
Moderate
Unreviewed
CVE-2023-20039
was published
Nov 15, 2024
Craft CMS Arbitrary System File Read
High
CVE-2024-52292
was published
for
craftcms/cms
(Composer)
Nov 13, 2024
Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway...
Moderate
Unreviewed
CVE-2024-8535
was published
Nov 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a...
Low
Unreviewed
CVE-2024-48838
was published
Nov 12, 2024
Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it...
High
Unreviewed
CVE-2024-10526
was published
Nov 7, 2024
A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote...
High
Unreviewed
CVE-2024-48647
was published
Oct 30, 2024
In AshPostgres, empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability.
Moderate
CVE-2024-49756
was published
for
ash_postgres
(Erlang)
Oct 23, 2024
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to...
High
Unreviewed
CVE-2024-45276
was published
Oct 15, 2024
A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and...
Moderate
Unreviewed
CVE-2024-44807
was published
Oct 11, 2024
BlueCMS 1.6 suffers from Arbitrary File Deletion via the file_name parameter in an /admin...
Moderate
Unreviewed
CVE-2024-45894
was published
Oct 7, 2024
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security...
Moderate
Unreviewed
CVE-2024-7107
was published
Sep 26, 2024
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows...
Critical
Unreviewed
CVE-2024-6878
was published
Sep 18, 2024
A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as...
Moderate
Unreviewed
CVE-2024-8655
was published
Sep 10, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to...
High
Unreviewed
CVE-2024-39581
was published
Sep 10, 2024
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to...
High
Unreviewed
CVE-2024-36442
was published
Aug 22, 2024
Apache SeaTunnel SQL Injection vulnerability
High
CVE-2023-49198
was published
for
org.apache.seatunnel:seatunnel
(Maven)
Aug 21, 2024
Priority – CWE-552: Files or Directories Accessible to External Parties
Moderate
Unreviewed
CVE-2024-41699
was published
Aug 20, 2024
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers...
High
Unreviewed
CVE-2024-7729
was published
Aug 14, 2024
An unauthenticated remote attacker can use this vulnerability to change the device configuration...
High
Unreviewed
CVE-2024-3913
was published
Aug 13, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions >= R9.2),...
High
Unreviewed
CVE-2024-38876
was published
Aug 2, 2024
Apache Linkis arbitrary file deletion vulnerability
High
CVE-2024-27182
was published
for
org.apache.linkis:linkis
(Maven)
Aug 2, 2024
Matrix Tafnit v8
- CWE-552: Files or Directories Accessible to External Parties
High
Unreviewed
CVE-2024-38429
was published
Jul 30, 2024
OpenStack Nova vulnerable to unauthorized access to potentially sensitive data
Moderate
CVE-2024-40767
was published
for
Nova
(pip)
Jul 24, 2024
Files on the Windows system are accessible without authentication to external parties due to a...
High
Unreviewed
CVE-2024-6911
was published
Jul 22, 2024
ProTip!
Advisories are also available from the
GraphQL API