GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,946
Erlang
29
GitHub Actions
16
Go
1,734
Maven
4,963
npm
3,493
NuGet
607
pip
3,059
Pub
10
RubyGems
832
Rust
779
Swift
34
Unreviewed advisories
All unreviewed
5,000+
21,680 advisories
Filter by severity
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality....
Critical
Unreviewed
CVE-2024-6047
was published
Jun 17, 2024
SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in...
Critical
Unreviewed
CVE-2024-6046
was published
Jun 17, 2024
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is...
Critical
Unreviewed
CVE-2024-4258
was published
Jun 15, 2024
The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is...
Critical
Unreviewed
CVE-2024-3105
was published
Jun 15, 2024
The WooCommerce - Social Login plugin for WordPress is vulnerable to PHP Object Injection in all...
Critical
Unreviewed
CVE-2024-5871
was published
Jun 15, 2024
Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote...
Critical
Unreviewed
CVE-2024-5671
was published
Jun 14, 2024
Certain models of ASUS routers have an arbitrary firmware upload vulnerability. An...
Critical
Unreviewed
CVE-2024-3912
was published
Jun 14, 2024
The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and...
Critical
Unreviewed
CVE-2024-2472
was published
Jun 14, 2024
The Where I Was, Where I Will Be plugin for WordPress is vulnerable to Remote File Inclusion in...
Critical
Unreviewed
CVE-2024-5577
was published
Jun 14, 2024
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and...
Critical
Unreviewed
CVE-2024-4936
was published
Jun 14, 2024
Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be...
Critical
Unreviewed
CVE-2024-27174
was published
Jun 14, 2024
Remote Command program allows an attacker to get Remote Code Execution by overwriting existing...
Critical
Unreviewed
CVE-2024-27173
was published
Jun 14, 2024
Remote Command program allows an attacker to get Remote Code Execution. As for the affected...
Critical
Unreviewed
CVE-2024-27172
was published
Jun 14, 2024
Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated...
Critical
Unreviewed
CVE-2024-3080
was published
Jun 14, 2024
The Toshiba printers provide several ways to upload files using the web interface without...
Critical
Unreviewed
CVE-2024-27144
was published
Jun 14, 2024
The Toshiba printers provide several ways to upload files using the admin web interface. An...
Critical
Unreviewed
CVE-2024-27145
was published
Jun 14, 2024
Toshiba printers use SNMP for configuration. Using the private community, it is possible to...
Critical
Unreviewed
CVE-2024-27143
was published
Jun 14, 2024
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can...
Critical
Unreviewed
CVE-2024-0095
was published
Jun 14, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an...
Critical
Unreviewed
CVE-2024-30300
was published
Jun 13, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an...
Critical
Unreviewed
CVE-2024-30299
was published
Jun 13, 2024
The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products &...
Critical
Unreviewed
CVE-2024-4371
was published
Jun 13, 2024
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an...
Critical
Unreviewed
CVE-2024-34108
was published
Jun 13, 2024
Magento Open Source affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability
Critical
CVE-2024-34102
was published
for
magento/community-edition
(Composer)
Jun 13, 2024
The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all...
Critical
Unreviewed
CVE-2024-3922
was published
Jun 13, 2024
CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass...
Critical
Unreviewed
CVE-2024-37036
was published
Jun 12, 2024
ProTip!
Advisories are also available from the
GraphQL API