GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,946
Erlang: 29
GitHub Actions: 16
Go: 1,734
Maven: 4,963
npm: 3,493
NuGet: 607
pip: 3,059
Pub: 10
RubyGems: 832
Rust: 779
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
93,227 advisories
IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an...
High | Unreviewed | CVE-2024-27275 was published Jun 15, 2024

The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file...
High | Unreviewed | CVE-2024-6000 was published Jun 15, 2024

The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up...
High | Unreviewed | CVE-2024-3813 was published Jun 15, 2024

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for...
High | Unreviewed | CVE-2023-6696 was published Jun 15, 2024

The Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data and...
High | Unreviewed | CVE-2024-2544 was published Jun 15, 2024

A vulnerability was found in Guangdong Baolun Electronics IP Network Broadcasting Service...
High | Unreviewed | CVE-2024-6003 was published Jun 15, 2024

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file...
High | Unreviewed | CVE-2024-2024 was published Jun 14, 2024

The notification emails sent by Soar Cloud HR Portal contain a link with an embedded session....
High | Unreviewed | CVE-2024-5996 was published Jun 14, 2024

The specific function parameter of ASUS Download Master does not properly filter user input. An...
High | Unreviewed | CVE-2024-31162 was published Jun 14, 2024

ASUS Download Master has a buffer overflow vulnerability. An unauthenticated remote attacker with...
High | Unreviewed | CVE-2024-31163 was published Jun 14, 2024

Privilege escalation vulnerability in the AMS module. Impact: Successful exploitation of this...
High | Unreviewed | CVE-2024-36500 was published Jun 14, 2024

Memory management vulnerability in the Gralloc module. Impact: Successful exploitation of this...
High | Unreviewed | CVE-2024-36503 was published Jun 14, 2024

Out-of-bounds read vulnerability in the audio module. Impact: Successful exploitation of this...
High | Unreviewed | CVE-2024-36502 was published Jun 14, 2024

The notification emails sent by Soar Cloud HR Portal contain a link with an embedded session. The...
High | Unreviewed | CVE-2024-5995 was published Jun 14, 2024

The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vulnerable to Cross-Site...
High | Unreviewed | CVE-2024-5551 was published Jun 14, 2024

The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions...
High | Unreviewed | CVE-2024-4404 was published Jun 14, 2024

Attackers can then execute malicious files by enabling certain services of the printer via the...
High | Unreviewed | CVE-2024-3498 was published Jun 14, 2024

Path traversal vulnerability in the web server of the Toshiba printer enables an attacker to...
High | Unreviewed | CVE-2024-3497 was published Jun 14, 2024

Attackers can bypass the web login authentication process to gain access to the printer's system...
High | Unreviewed | CVE-2024-3496 was published Jun 14, 2024

Toshiba printers provide an API without authentication for internal access. A local attacker can...
High | Unreviewed | CVE-2024-27169 was published Jun 14, 2024

An attacker can get Remote Code Execution by overwriting files. Overwriting files is enabled by...
High | Unreviewed | CVE-2024-27176 was published Jun 14, 2024

It was observed that all the Toshiba printers contain credentials used for WebDAV access in the...
High | Unreviewed | CVE-2024-27170 was published Jun 14, 2024

An attacker can get Remote Code Execution by overwriting files. Overwriting files is enabled by...
High | Unreviewed | CVE-2024-27178 was published Jun 14, 2024

A remote attacker using the insecure upload functionality will be able to overwrite any Python...
High | Unreviewed | CVE-2024-27171 was published Jun 14, 2024

Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several...
High | Unreviewed | CVE-2024-27167 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API.