Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

87,216 advisories

Loading
Gogs through 0.13.0 allows argument injection during the tagging of a new release. High Unreviewed
CVE-2024-39933 was published Jul 4, 2024
Information exposure vulnerability in the MRW plugin, in its 5.4.3 version, affecting the ... High Unreviewed
CVE-2024-6506 was published Jul 4, 2024
The Nested Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... High Unreviewed
CVE-2024-5943 was published Jul 4, 2024
Command injection when ingesting a remote Kaggle dataset due to a lack of input sanitization in... High Unreviewed
CVE-2024-6507 was published Jul 4, 2024
A signal handler race condition was found in OpenSSH's server (sshd), where a client does not... High Unreviewed
CVE-2024-6387 was published Jul 1, 2024
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on... High Unreviewed
CVE-2024-3904 was published Jul 4, 2024
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6318 was published Jul 4, 2024
Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi... High Unreviewed
CVE-2024-1182 was published Jul 4, 2024
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-6319 was published Jul 4, 2024
A vulnerability has been identified in CPC80 Central Processing/Communication (All versions < V16... High Unreviewed
CVE-2024-31484 was published May 14, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5... High Unreviewed
CVE-2024-31485 was published May 14, 2024
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050... High Unreviewed
CVE-2023-33919 was published Jun 13, 2023
A high privileged remote attacker can execute arbitrary system commands via GET requests due to... High Unreviewed
CVE-2024-5672 was published Jul 3, 2024
A remote attacker using the insecure upload functionality will be able to overwrite any Python... High Unreviewed
CVE-2024-27171 was published Jun 14, 2024
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Local File Inclusion in... High Unreviewed
CVE-2024-2385 was published Jul 4, 2024
An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by... High Unreviewed
CVE-2024-27177 was published Jun 14, 2024
It appears that some hardcoded keys are used for authentication to internal API. Knowing these... High Unreviewed
CVE-2024-27168 was published Jun 14, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several... High Unreviewed
CVE-2024-27167 was published Jun 14, 2024
All the Toshiba printers share the same hardcoded root password. As for the affected products... High Unreviewed
CVE-2024-27158 was published Jun 14, 2024
It was observed that all the Toshiba printers contain credentials used for WebDAV access in the... High Unreviewed
CVE-2024-27170 was published Jun 14, 2024
An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by... High Unreviewed
CVE-2024-27176 was published Jun 14, 2024
Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal... High Unreviewed
CVE-2024-27166 was published Jun 14, 2024
Toshiba printers contain a suidperl binary and it has a Local Privilege Escalation vulnerability.... High Unreviewed
CVE-2024-27165 was published Jun 14, 2024
Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see... High Unreviewed
CVE-2024-27164 was published Jun 14, 2024
An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by... High Unreviewed
CVE-2024-27178 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API