Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,967
Maven
5,000+
npm
5,000+
NuGet
973
pip
5,000+
Pub
13
RubyGems
1,064
Rust
1,387
Swift
56
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

336 advisories

Loading
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read... High Unreviewed
CVE-2023-3155 was published Oct 16, 2023
Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged... Moderate Unreviewed
CVE-2023-5101 was published Oct 9, 2023
In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction... High Unreviewed
CVE-2023-45160 was published Oct 5, 2023
A vulnerability in the on-device application development workflow feature for the Cisco IOx... High Unreviewed
CVE-2023-20235 was published Oct 4, 2023
A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This... Low Unreviewed
CVE-2023-5297 was published Sep 30, 2023
Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the... High Unreviewed
CVE-2023-43856 was published Sep 27, 2023
Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit,... High Unreviewed
CVE-2023-3712 was published Sep 12, 2023
File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002... Moderate Unreviewed
CVE-2023-4588 was published Sep 6, 2023
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic.... Low Unreviewed
CVE-2023-4743 was published Sep 4, 2023
Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local... Moderate Unreviewed
CVE-2023-41717 was published Aug 31, 2023
An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an... Moderate Unreviewed
CVE-2023-4475 was published Aug 22, 2023
Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read... High Unreviewed
CVE-2023-38952 was published Aug 4, 2023
An arbitrary file download vulnerability in the /c/PluginsController.php component of jizhi CMS 1... High Unreviewed
CVE-2023-38948 was published Aug 3, 2023
In multiple Codesys products in multiple versions, after successful authentication as a user,... Moderate Unreviewed
CVE-2023-37551 was published Aug 3, 2023
Sysaid - CWE-552: Files or Directories Accessible to External Parties -  Authenticated users... Moderate Unreviewed
CVE-2023-32226 was published Jul 30, 2023
JavaScript pre-processing can be used by the attacker to gain access to the file system (read... High Unreviewed
CVE-2023-29450 was published Jul 13, 2023
?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior... High Unreviewed
CVE-2023-34316 was published Jul 10, 2023
Auth. (admin+) Arbitrary File Read vulnerability in S2W – Import Shopify to WooCommerce plugin <=... Moderate Unreviewed
CVE-2022-44634 was published Jul 6, 2023
A CWE-552 "Files or Directories Accessible to External Parties” in the web interface of the Tyan... Moderate Unreviewed
CVE-2023-2538 was published Jul 5, 2023
A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webserver running on default... Moderate Unreviewed
CVE-2023-34834 was published Jun 29, 2023
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the ... High Unreviewed
CVE-2023-36664 was published Jun 26, 2023
An access issue was addressed with improved access restrictions. This issue is fixed in macOS... Low Unreviewed
CVE-2022-42834 was published Jun 23, 2023
jfinal CMS 5.1.0 has an arbitrary file read vulnerability. High Unreviewed
CVE-2023-34645 was published Jun 16, 2023
A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some... Moderate Unreviewed
CVE-2023-2766 was published May 17, 2023
The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate... High Unreviewed
CVE-2023-2180 was published May 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database