Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

177 advisories

Loading
Apache Linkis DataSource allows arbitrary file reading High
CVE-2023-41916 was published for org.apache.linkis:linkis-datasource (Maven) Jul 15, 2024
An unauthenticated remote attacker can read out sensitive device information through a... High Unreviewed
CVE-2024-6421 was published Jul 10, 2024
OpenStack Cinder, Glance, and Nova vulnerable to arbitrary file access High
CVE-2024-32498 was published for cinder (pip) Jul 5, 2024
Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25... High Unreviewed
CVE-2024-4836 was published Jul 2, 2024
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2024-3564 was published Jun 1, 2024
Pterodactyl Wings vulnerable to Arbitrary File Write/Read High
CVE-2024-34066 was published for github.com/pterodactyl/wings (Go) May 3, 2024
TrixterTheTux matthewpi
Credited to TrixterTheTux and matthewpi
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information... High Unreviewed
CVE-2024-2759 was published Apr 4, 2024
CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could... High Unreviewed
CVE-2024-2052 was published Mar 18, 2024
MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming... High Unreviewed
CVE-2024-24161 was published Feb 2, 2024
Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in... High Unreviewed
CVE-2023-4550 was published Jan 29, 2024
A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a... High Unreviewed
CVE-2023-47202 was published Jan 23, 2024
The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to... High Unreviewed
CVE-2023-6266 was published Jan 11, 2024
The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2... High Unreviewed
CVE-2023-6114 was published Dec 26, 2023
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X... High Unreviewed
CVE-2023-39545 was published Nov 17, 2023
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to... High Unreviewed
CVE-2023-31017 was published Nov 2, 2023
The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in... High Unreviewed
CVE-2023-5099 was published Oct 31, 2023
The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution... High Unreviewed
CVE-2023-5199 was published Oct 30, 2023
carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end... High Unreviewed
CVE-2023-33517 was published Oct 24, 2023
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read... High Unreviewed
CVE-2023-3155 was published Oct 16, 2023
In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction... High Unreviewed
CVE-2023-45160 was published Oct 5, 2023
A vulnerability in the on-device application development workflow feature for the Cisco IOx... High Unreviewed
CVE-2023-20235 was published Oct 4, 2023
Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the... High Unreviewed
CVE-2023-43856 was published Sep 27, 2023
Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit,... High Unreviewed
CVE-2023-3712 was published Sep 12, 2023
Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read... High Unreviewed
CVE-2023-38952 was published Aug 4, 2023
An arbitrary file download vulnerability in the /c/PluginsController.php component of jizhi CMS 1... High Unreviewed
CVE-2023-38948 was published Aug 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database