Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,335
Erlang
31
GitHub Actions
22
Go
2,096
Maven
5,000+
npm
3,762
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

237 advisories

Loading
Sysaid - CWE-552: Files or Directories Accessible to External Parties -  Authenticated users... Moderate Unreviewed
CVE-2023-32226 was published Jul 30, 2023
JavaScript pre-processing can be used by the attacker to gain access to the file system (read... High Unreviewed
CVE-2023-29450 was published Jul 13, 2023
?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior... High Unreviewed
CVE-2023-34316 was published Jul 10, 2023
A CWE-552 "Files or Directories Accessible to External Parties” in the web interface of the Tyan... Moderate Unreviewed
CVE-2023-2538 was published Jul 5, 2023
A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webserver running on default... Moderate Unreviewed
CVE-2023-34834 was published Jun 29, 2023
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the ... High Unreviewed
CVE-2023-36664 was published Jun 26, 2023
An access issue was addressed with improved access restrictions. This issue is fixed in macOS... Low Unreviewed
CVE-2022-42834 was published Jun 23, 2023
jfinal CMS 5.1.0 has an arbitrary file read vulnerability. High Unreviewed
CVE-2023-34645 was published Jun 16, 2023
A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some... Moderate Unreviewed
CVE-2023-2766 was published May 17, 2023
The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate... High Unreviewed
CVE-2023-2180 was published May 15, 2023
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before... Moderate Unreviewed
CVE-2023-29820 was published May 12, 2023
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1... Moderate Unreviewed
CVE-2023-29107 was published May 9, 2023
Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated file disclosure. Using a... High Unreviewed
CVE-2023-28375 was published Mar 28, 2023
amano Xparc parking solutions 7.1.3879 was discovered to be vulnerable to local file inclusion. High Unreviewed
CVE-2023-23330 was published Mar 28, 2023
Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows... High Unreviewed
CVE-2023-1246 was published Mar 10, 2023
onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the... High Unreviewed
CVE-2023-26948 was published Mar 9, 2023
onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the... High Unreviewed
CVE-2023-26956 was published Mar 8, 2023
The Correos Oficial WordPress plugin through 1.2.0.2 does not have an authorization check user... High Unreviewed
CVE-2023-0331 was published Feb 27, 2023
A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read... High Unreviewed
CVE-2023-22974 was published Feb 22, 2023
The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization,... High Unreviewed
CVE-2023-0822 was published Feb 17, 2023
CRMEB 4.4.4 is vulnerable to Any File download. High Unreviewed
CVE-2022-44343 was published Feb 6, 2023
lmxcms v1.41 was discovered to contain an arbitrary file read vulnerability via TemplateAction... Moderate Unreviewed
CVE-2022-48094 was published Feb 1, 2023
Easy Images v2.0 was discovered to contain an arbitrary file download vulnerability via the... High Unreviewed
CVE-2022-48161 was published Feb 1, 2023
The All-In-One Security (AIOS) WordPress plugin before 5.1.3 leaked settings of the plugin... Moderate Unreviewed
CVE-2022-4346 was published Jan 23, 2023
A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0... Moderate Unreviewed
CVE-2022-45440 was published Jan 17, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database