Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

290 advisories

Loading
carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end... High Unreviewed
CVE-2023-33517 was published Oct 24, 2023
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the... Moderate Unreviewed
CVE-2023-4933 was published Oct 16, 2023
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read... High Unreviewed
CVE-2023-3155 was published Oct 16, 2023
Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged... Moderate Unreviewed
CVE-2023-5101 was published Oct 9, 2023
In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction... High Unreviewed
CVE-2023-45160 was published Oct 5, 2023
A vulnerability in the on-device application development workflow feature for the Cisco IOx... High Unreviewed
CVE-2023-20235 was published Oct 4, 2023
A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This... Low Unreviewed
CVE-2023-5297 was published Sep 30, 2023
Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the... High Unreviewed
CVE-2023-43856 was published Sep 27, 2023
Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit,... High Unreviewed
CVE-2023-3712 was published Sep 12, 2023
File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002... Moderate Unreviewed
CVE-2023-4588 was published Sep 6, 2023
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic.... Low Unreviewed
CVE-2023-4743 was published Sep 4, 2023
Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local... Moderate Unreviewed
CVE-2023-41717 was published Aug 31, 2023
An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an... Moderate Unreviewed
CVE-2023-4475 was published Aug 22, 2023
Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read... High Unreviewed
CVE-2023-38952 was published Aug 4, 2023
An arbitrary file download vulnerability in the /c/PluginsController.php component of jizhi CMS 1... High Unreviewed
CVE-2023-38948 was published Aug 3, 2023
In multiple Codesys products in multiple versions, after successful authentication as a user,... Moderate Unreviewed
CVE-2023-37551 was published Aug 3, 2023
Sysaid - CWE-552: Files or Directories Accessible to External Parties -  Authenticated users... Moderate Unreviewed
CVE-2023-32226 was published Jul 30, 2023
JavaScript pre-processing can be used by the attacker to gain access to the file system (read... High Unreviewed
CVE-2023-29450 was published Jul 13, 2023
Apache InLong has Files or Directories Accessible to External Parties in Apache InLong Critical
CVE-2023-31066 was published for org.apache.inlong:manager-service (Maven) Jul 6, 2023
Apache InLong has Files or Directories Accessible to External Parties High
CVE-2023-31064 was published for org.apache.inlong:manager-workflow (Maven) Jul 6, 2023
A CWE-552 "Files or Directories Accessible to External Parties” in the web interface of the Tyan... Moderate Unreviewed
CVE-2023-2538 was published Jul 5, 2023
A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webserver running on default... Moderate Unreviewed
CVE-2023-34834 was published Jun 29, 2023
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the ... High Unreviewed
CVE-2023-36664 was published Jun 26, 2023
An access issue was addressed with improved access restrictions. This issue is fixed in macOS... Low Unreviewed
CVE-2022-42834 was published Jun 23, 2023
laravel-s vulnerable to Local File Inclusion Critical
CVE-2023-29931 was published for hhxsv5/laravel-s (Composer) Jun 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database