GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,046
Composer 5,218
Erlang 40
GitHub Actions 40
Go 2,974
Maven 6,256
npm 4,621
NuGet 788
pip 4,317
Pub 12
RubyGems 984
Rust 1,131
Swift 49

Unreviewed advisories

All unreviewed 289,607

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

309 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance Portlet, which is... Moderate Unreviewed

CVE-2024-3164 was published Apr 2, 2024

CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could... High Unreviewed

CVE-2024-2052 was published Mar 18, 2024

A CWE-552 “Files or Directories Accessible to External Parties” vulnerability in the embedded... Moderate Unreviewed

CVE-2023-45594 was published Mar 5, 2024

Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Critical Unreviewed

CVE-2024-21403 was published Feb 13, 2024

Aria Operations for Networks contains a local file read vulnerability. A malicious actor with... Moderate Unreviewed

CVE-2024-22240 was published Feb 6, 2024

MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming... High Unreviewed

CVE-2024-24161 was published Feb 2, 2024

Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in... High Unreviewed

CVE-2023-4550 was published Jan 29, 2024

A vulnerability has been found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified... Moderate Unreviewed

CVE-2024-1005 was published Jan 29, 2024

A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a... High Unreviewed

CVE-2023-47202 was published Jan 23, 2024

Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation... Moderate Unreviewed

CVE-2023-52112 was published Jan 16, 2024

The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to... High Unreviewed

CVE-2023-6266 was published Jan 11, 2024

The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2... High Unreviewed

CVE-2023-6114 was published Dec 26, 2023

Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A... Moderate Unreviewed

CVE-2023-48661 was published Dec 14, 2023

The File Manager WordPress plugin before 6.3 does not restrict the file managers root directory,... Moderate Unreviewed

CVE-2023-5907 was published Dec 11, 2023

Tyler Technologies Court Case Management Plus may store backups in a location that can be... Moderate Unreviewed

CVE-2023-6375 was published Nov 30, 2023

CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X... High Unreviewed

CVE-2023-39545 was published Nov 17, 2023

Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows... Moderate Unreviewed

CVE-2023-42534 was published Nov 13, 2023

A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit... Moderate Unreviewed

CVE-2023-47612 was published Nov 9, 2023

The Front End PM WordPress plugin before 11.4.3 does not block listing the contents of the... Moderate Unreviewed

CVE-2023-4930 was published Nov 6, 2023

NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to... High Unreviewed

CVE-2023-31017 was published Nov 2, 2023

The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in... High Unreviewed

CVE-2023-5099 was published Oct 31, 2023

The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution... High Unreviewed

CVE-2023-5199 was published Oct 30, 2023

carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end... High Unreviewed

CVE-2023-33517 was published Oct 24, 2023

The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the... Moderate Unreviewed

CVE-2023-4933 was published Oct 16, 2023

The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read... High Unreviewed

CVE-2023-3155 was published Oct 16, 2023

Previous 1…5…13 Next

Previous 1 2 3 4 5 6 7 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

309 advisories