Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,946
Erlang
29
GitHub Actions
16
Go
1,734
Maven
4,963
npm
3,493
NuGet
607
pip
3,059
Pub
10
RubyGems
832
Rust
779
Swift
34
Unreviewed advisories
All unreviewed
5,000+

108,521 advisories

Denial of service in langchain-community Moderate
CVE-2024-2965 was published for langchain-community (pip) Jun 6, 2024
eyurtsev efriis
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack") Moderate
CVE-2024-30171 was published for BouncyCastle (Maven) May 14, 2024
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an... Moderate Unreviewed
CVE-2024-23442 was published Jun 14, 2024
The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all... Moderate Unreviewed
CVE-2024-2023 was published Jun 14, 2024
A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow... Moderate Unreviewed
CVE-2024-5731 was published Jun 14, 2024
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop Moderate
CVE-2024-30172 was published for BouncyCastle (Maven) May 14, 2024
Vault Enterprise, when configured with performance standby nodes and a configured audit device,... Moderate Unreviewed
CVE-2024-2877 was published Apr 30, 2024
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2024-34012 was published Jun 14, 2024
Missing Authorization vulnerability in Brainstorm Force ProjectHuddle Client Site.This issue... Moderate Unreviewed
CVE-2023-51376 was published Jun 14, 2024
Memory management vulnerability in the boottime module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-36501 was published Jun 14, 2024
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is... Moderate Unreviewed
CVE-2024-4863 was published Jun 14, 2024
Vulnerability of insufficient permission verification in the NearLink module Impact: Successful... Moderate Unreviewed
CVE-2024-5464 was published Jun 14, 2024
Function vulnerabilities in the Calendar module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-5465 was published Jun 14, 2024
Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening... Moderate Unreviewed
CVE-2024-37182 was published Jun 14, 2024
Permission verification vulnerability in the system sharing pop-up module Impact: Successful... Moderate Unreviewed
CVE-2024-32990 was published May 14, 2024
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-5994 was published Jun 14, 2024
Vulnerability of unauthorized screenshot capturing in the WMS module Impact: Successful... Moderate Unreviewed
CVE-2024-36499 was published Jun 14, 2024
Toshiba printers will display the password of the admin user in clear-text and additional... Moderate Unreviewed
CVE-2024-27163 was published Jun 14, 2024
Toshiba printers provide a web interface that will load the JavaScript file. The file contains... Moderate Unreviewed
CVE-2024-27162 was published Jun 14, 2024
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An... Moderate Unreviewed
CVE-2024-27161 was published Jun 14, 2024
The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A... Moderate Unreviewed
CVE-2024-27157 was published Jun 14, 2024
The session cookies, used for authentication, are stored in clear-text logs. An attacker can... Moderate Unreviewed
CVE-2024-27156 was published Jun 14, 2024
The Schema App Structured Data plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2024-0892 was published Jun 14, 2024
The Simple Sitemap – Create a Responsive HTML Sitemap plugin for WordPress is vulnerable to Cross... Moderate Unreviewed
CVE-2023-6492 was published Jun 14, 2024
Admin cookies are written in clear-text in logs. An attacker can retrieve them and bypass the... Moderate Unreviewed
CVE-2024-27179 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API