GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
281 advisories
Filter by severity
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation...
High
Unreviewed
CVE-2024-50627
was published
Dec 10, 2024
Configuration Download vulnerabilities allow access to dependency configuration information. ...
High
Unreviewed
CVE-2024-51542
was published
Dec 5, 2024
A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may...
Critical
Unreviewed
CVE-2024-53676
was published
Nov 27, 2024
TCPDF Local File Inclusion vulnerability
Moderate
CVE-2024-51058
was published
for
tecnickcom/tcpdf
(Composer)
Nov 26, 2024
Local File Inclusion vulnerability in M-Files Server in versions before 24.11 (excluding 24.8 SR1...
Moderate
Unreviewed
CVE-2024-10126
was published
Nov 20, 2024
A vulnerability in Cisco IND could allow an authenticated, local attacker to read application...
Moderate
Unreviewed
CVE-2023-20039
was published
Nov 15, 2024
Craft CMS Arbitrary System File Read
High
CVE-2024-52292
was published
for
craftcms/cms
(Composer)
Nov 13, 2024
Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway...
Moderate
Unreviewed
CVE-2024-8535
was published
Nov 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a...
Low
Unreviewed
CVE-2024-48838
was published
Nov 12, 2024
Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it...
High
Unreviewed
CVE-2024-10526
was published
Nov 7, 2024
A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote...
High
Unreviewed
CVE-2024-48647
was published
Oct 30, 2024
In AshPostgres, empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability.
Moderate
CVE-2024-49756
was published
for
ash_postgres
(Erlang)
Oct 23, 2024
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to...
High
Unreviewed
CVE-2024-45276
was published
Oct 15, 2024
A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and...
Moderate
Unreviewed
CVE-2024-44807
was published
Oct 11, 2024
BlueCMS 1.6 suffers from Arbitrary File Deletion via the file_name parameter in an /admin...
Moderate
Unreviewed
CVE-2024-45894
was published
Oct 7, 2024
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security...
Moderate
Unreviewed
CVE-2024-7107
was published
Sep 26, 2024
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows...
Critical
Unreviewed
CVE-2024-6878
was published
Sep 18, 2024
A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as...
Moderate
Unreviewed
CVE-2024-8655
was published
Sep 10, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to...
High
Unreviewed
CVE-2024-39581
was published
Sep 10, 2024
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to...
High
Unreviewed
CVE-2024-36442
was published
Aug 22, 2024
Apache SeaTunnel SQL Injection vulnerability
High
CVE-2023-49198
was published
for
org.apache.seatunnel:seatunnel
(Maven)
Aug 21, 2024
Priority – CWE-552: Files or Directories Accessible to External Parties
Moderate
Unreviewed
CVE-2024-41699
was published
Aug 20, 2024
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers...
High
Unreviewed
CVE-2024-7729
was published
Aug 14, 2024
An unauthenticated remote attacker can use this vulnerability to change the device configuration...
High
Unreviewed
CVE-2024-3913
was published
Aug 13, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions >= R9.2),...
High
Unreviewed
CVE-2024-38876
was published
Aug 2, 2024
ProTip!
Advisories are also available from the
GraphQL API