GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,150
Erlang
30
GitHub Actions
19
Go
1,952
Maven
5,000+
npm
3,684
NuGet
650
pip
3,305
Pub
11
RubyGems
879
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
262 advisories
Filter by severity
In AshPostgres, empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability.
Moderate
CVE-2024-49756
was published
for
ash_postgres
(Erlang)
Oct 23, 2024
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to...
High
Unreviewed
CVE-2024-45276
was published
Oct 15, 2024
A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and...
Moderate
Unreviewed
CVE-2024-44807
was published
Oct 11, 2024
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security...
Moderate
Unreviewed
CVE-2024-7107
was published
Sep 26, 2024
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows...
Critical
Unreviewed
CVE-2024-6878
was published
Sep 18, 2024
A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as...
Moderate
Unreviewed
CVE-2024-8655
was published
Sep 10, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to...
High
Unreviewed
CVE-2024-39581
was published
Sep 10, 2024
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to...
High
Unreviewed
CVE-2024-36442
was published
Aug 22, 2024
Apache SeaTunnel SQL Injection vulnerability
High
CVE-2023-49198
was published
for
org.apache.seatunnel:seatunnel
(Maven)
Aug 21, 2024
Priority – CWE-552: Files or Directories Accessible to External Parties
Moderate
Unreviewed
CVE-2024-41699
was published
Aug 20, 2024
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers...
High
Unreviewed
CVE-2024-7729
was published
Aug 14, 2024
An unauthenticated remote attacker can use this vulnerability to change the device configuration...
High
Unreviewed
CVE-2024-3913
was published
Aug 13, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions >= R9.2),...
High
Unreviewed
CVE-2024-38876
was published
Aug 2, 2024
Apache Linkis arbitrary file deletion vulnerability
Moderate
CVE-2024-27182
was published
for
org.apache.linkis:linkis
(Maven)
Aug 2, 2024
Matrix Tafnit v8
- CWE-552: Files or Directories Accessible to External Parties
High
Unreviewed
CVE-2024-38429
was published
Jul 30, 2024
Files on the Windows system are accessible without authentication to external parties due to a...
High
Unreviewed
CVE-2024-6911
was published
Jul 22, 2024
Apache Linkis DataSource allows arbitrary file reading
Moderate
CVE-2023-41916
was published
for
org.apache.linkis:linkis-datasource
(Maven)
Jul 15, 2024
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v <=3.08.01; NEXUS Series
v <...
Critical
Unreviewed
CVE-2024-6209
was published
Jul 5, 2024
Gogs allows deletion of internal files
Critical
CVE-2024-39931
was published
for
github.com/gogs/gogs
(Go)
Jul 4, 2024
Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25...
High
Unreviewed
CVE-2024-4836
was published
Jul 2, 2024
CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may...
Moderate
Unreviewed
CVE-2024-5056
was published
Jun 12, 2024
Files or Directories Accessible to External Parties in ProjectDiscovery
Critical
CVE-2024-5262
was published
for
github.com/projectdiscovery/interactsh
(Go)
Jun 5, 2024
A vulnerability was found in Casdoor up to 1.335.0. It has been classified as problematic....
Moderate
Unreviewed
CVE-2024-5587
was published
Jun 2, 2024
A vulnerability was found in SourceCodester Online Birth Certificate Management System 1.0. It...
Moderate
Unreviewed
CVE-2024-5045
was published
May 17, 2024
wolfictl leaks GitHub tokens to remote non-GitHub git servers
Moderate
CVE-2024-35183
was published
for
github.com/wolfi-dev/wolfictl
(Go)
May 15, 2024
ProTip!
Advisories are also available from the
GraphQL API