GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,946
Erlang: 29
GitHub Actions: 16
Go: 1,734
Maven: 4,963
npm: 3,493
NuGet: 607
pip: 3,059
Pub: 10
RubyGems: 832
Rust: 779
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
108,521 advisories
Denial of service in langchain-community
Moderate | CVE-2024-2965 was published for langchain-community (pip) Jun 6, 2024
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")
Moderate | CVE-2024-30171 was published for BouncyCastle (Maven) May 14, 2024
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an...
Moderate | Unreviewed | CVE-2024-23442 was published Jun 14, 2024
The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all...
Moderate | Unreviewed | CVE-2024-2023 was published Jun 14, 2024
A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow...
Moderate | Unreviewed | CVE-2024-5731 was published Jun 14, 2024
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
Moderate | CVE-2024-30172 was published for BouncyCastle (Maven) May 14, 2024
Vault Enterprise, when configured with performance standby nodes and a configured audit device,...
Moderate | Unreviewed | CVE-2024-2877 was published Apr 30, 2024
Local privilege escalation due to insecure folder permissions. The following products are...
Moderate | Unreviewed | CVE-2024-34012 was published Jun 14, 2024
Missing Authorization vulnerability in Brainstorm Force ProjectHuddle Client Site. This issue...
Moderate | Unreviewed | CVE-2023-51376 was published Jun 14, 2024
Memory management vulnerability in the boottime module. Impact: Successful exploitation of this...
Moderate | Unreviewed | CVE-2024-36501 was published Jun 14, 2024
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-4863 was published Jun 14, 2024
Vulnerability of insufficient permission verification in the NearLink module. Impact: Successful...
Moderate | Unreviewed | CVE-2024-5464 was published Jun 14, 2024
Function vulnerabilities in the Calendar module. Impact: Successful exploitation of this...
Moderate | Unreviewed | CVE-2024-5465 was published Jun 14, 2024
Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening...
Moderate | Unreviewed | CVE-2024-37182 was published Jun 14, 2024
Permission verification vulnerability in the system sharing pop-up module. Impact: Successful...
Moderate | Unreviewed | CVE-2024-32990 was published May 14, 2024
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-5994 was published Jun 14, 2024
Vulnerability of unauthorized screenshot capturing in the WMS module. Impact: Successful...
Moderate | Unreviewed | CVE-2024-36499 was published Jun 14, 2024
Toshiba printers will display the password of the admin user in clear-text and additional...
Moderate | Unreviewed | CVE-2024-27163 was published Jun 14, 2024
Toshiba printers provide a web interface that will load the JavaScript file. The file contains...
Moderate | Unreviewed | CVE-2024-27162 was published Jun 14, 2024
All the Toshiba printers have programs containing a hardcoded key used to encrypt files. An...
Moderate | Unreviewed | CVE-2024-27161 was published Jun 14, 2024
The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A...
Moderate | Unreviewed | CVE-2024-27157 was published Jun 14, 2024
The session cookies, used for authentication, are stored in clear-text logs. An attacker can...
Moderate | Unreviewed | CVE-2024-27156 was published Jun 14, 2024
The Schema App Structured Data plugin for WordPress is vulnerable to Cross-Site Request Forgery...
Moderate | Unreviewed | CVE-2024-0892 was published Jun 14, 2024
The Simple Sitemap – Create a Responsive HTML Sitemap plugin for WordPress is vulnerable to Cross...
Moderate | Unreviewed | CVE-2023-6492 was published Jun 14, 2024
Admin cookies are written in clear-text in logs. An attacker can retrieve them and bypass the...
Moderate | Unreviewed | CVE-2024-27179 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API.