GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,276
Composer 3,946
Erlang 29
GitHub Actions 16
Go 1,734
Maven 4,963
npm 3,493
NuGet 607
pip 3,059
Pub 10
RubyGems 832
Rust 779
Swift 34

Unreviewed advisories

All unreviewed 220,206

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

21,678 advisories

Filter by severity

Sort by

Least recently updated

The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is... Critical Unreviewed

CVE-2024-4258 was published Jun 15, 2024

The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is... Critical Unreviewed

CVE-2024-3105 was published Jun 15, 2024

The WooCommerce - Social Login plugin for WordPress is vulnerable to PHP Object Injection in all... Critical Unreviewed

CVE-2024-5871 was published Jun 15, 2024

Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote... Critical Unreviewed

CVE-2024-5671 was published Jun 14, 2024

Certain models of ASUS routers have an arbitrary firmware upload vulnerability. An... Critical Unreviewed

CVE-2024-3912 was published Jun 14, 2024

The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and... Critical Unreviewed

CVE-2024-2472 was published Jun 14, 2024

The Where I Was, Where I Will Be plugin for WordPress is vulnerable to Remote File Inclusion in... Critical Unreviewed

CVE-2024-5577 was published Jun 14, 2024

The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and... Critical Unreviewed

CVE-2024-4936 was published Jun 14, 2024

Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be... Critical Unreviewed

CVE-2024-27174 was published Jun 14, 2024

Remote Command program allows an attacker to get Remote Code Execution by overwriting existing... Critical Unreviewed

CVE-2024-27173 was published Jun 14, 2024

Remote Command program allows an attacker to get Remote Code Execution. As for the affected... Critical Unreviewed

CVE-2024-27172 was published Jun 14, 2024

Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated... Critical Unreviewed

CVE-2024-3080 was published Jun 14, 2024

The Toshiba printers provide several ways to upload files using the web interface without... Critical Unreviewed

CVE-2024-27144 was published Jun 14, 2024

The Toshiba printers provide several ways to upload files using the admin web interface. An... Critical Unreviewed

CVE-2024-27145 was published Jun 14, 2024

Toshiba printers use SNMP for configuration. Using the private community, it is possible to... Critical Unreviewed

CVE-2024-27143 was published Jun 14, 2024

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can... Critical Unreviewed

CVE-2024-0095 was published Jun 14, 2024

Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an... Critical Unreviewed

CVE-2024-30300 was published Jun 13, 2024

Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an... Critical Unreviewed

CVE-2024-30299 was published Jun 13, 2024

The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products &... Critical Unreviewed

CVE-2024-4371 was published Jun 13, 2024

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an... Critical Unreviewed

CVE-2024-34108 was published Jun 13, 2024

Magento Open Source affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability Critical

CVE-2024-34102 was published for magento/community-edition (Composer) Jun 13, 2024

The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all... Critical Unreviewed

CVE-2024-3922 was published Jun 13, 2024

CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass... Critical Unreviewed

CVE-2024-37036 was published Jun 12, 2024

Apache Submarine Server Core Incorrect Authorization vulnerability Critical

CVE-2024-36265 was published for org.apache.submarine:submarine-server-core (Maven) Jun 12, 2024

A path traversal vulnerability in mintplex-labs/anything-llm allowed a manager to bypass the ... Critical Unreviewed

CVE-2024-5211 was published Jun 12, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

21,678 advisories