Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,965
Erlang
29
GitHub Actions
16
Go
1,747
Maven
4,975
npm
3,507
NuGet
609
pip
3,072
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

93,385 advisories

Loading
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The... High Unreviewed
CVE-2024-5995 was published Jun 14, 2024
Out-of-bounds read vulnerability in the audio module Impact: Successful exploitation of this... High Unreviewed
CVE-2024-36502 was published Jun 14, 2024
Memory management vulnerability in the Gralloc module Impact: Successful exploitation of this... High Unreviewed
CVE-2024-36503 was published Jun 14, 2024
ASUS Download Master has a buffer overflow vulnerability. An unauthenticated remote attacker with... High Unreviewed
CVE-2024-31163 was published Jun 14, 2024
The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vulnerable to Cross-Site... High Unreviewed
CVE-2024-5551 was published Jun 14, 2024
The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions... High Unreviewed
CVE-2024-4404 was published Jun 14, 2024
Path traversal vulnerability in the web server of the Toshiba printer enables attacker to... High Unreviewed
CVE-2024-3497 was published Jun 14, 2024
Attackers can then execute malicious files by enabling certain services of the printer via the... High Unreviewed
CVE-2024-3498 was published Jun 14, 2024
Attackers can bypass the web login authentication process to gain access to the printer's system... High Unreviewed
CVE-2024-3496 was published Jun 14, 2024
An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by... High Unreviewed
CVE-2024-27176 was published Jun 14, 2024
It was observed that all the Toshiba printers contain credentials used for WebDAV access in the... High Unreviewed
CVE-2024-27170 was published Jun 14, 2024
A remote attacker using the insecure upload functionality will be able to overwrite any Python... High Unreviewed
CVE-2024-27171 was published Jun 14, 2024
The upload functionality of ASUS Download Master does not properly filter user input. Remote... High Unreviewed
CVE-2024-31161 was published Jun 14, 2024
The Timetics- AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar... High Unreviewed
CVE-2024-1094 was published Jun 14, 2024
Toshiba printers provides API without authentication for internal access. A local attacker can... High Unreviewed
CVE-2024-27169 was published Jun 14, 2024
It appears that some hardcoded keys are used for authentication to internal API. Knowing these... High Unreviewed
CVE-2024-27168 was published Jun 14, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several... High Unreviewed
CVE-2024-27167 was published Jun 14, 2024
An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by... High Unreviewed
CVE-2024-27177 was published Jun 14, 2024
An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by... High Unreviewed
CVE-2024-27178 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27155 was published Jun 14, 2024
All the Toshiba printers share the same hardcoded root password. As for the affected products... High Unreviewed
CVE-2024-27158 was published Jun 14, 2024
Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see... High Unreviewed
CVE-2024-27164 was published Jun 14, 2024
Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal... High Unreviewed
CVE-2024-27166 was published Jun 14, 2024
Toshiba printers contain a suidperl binary and it has a Local Privilege Escalation vulnerability.... High Unreviewed
CVE-2024-27165 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27149 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API