Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

21,737 advisories

Loading
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC... Critical Unreviewed
CVE-2024-37079 was published Jun 18, 2024
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC... Critical Unreviewed
CVE-2024-37080 was published Jun 18, 2024
rke's credentials are stored in the RKE1 Cluster state ConfigMap Critical
CVE-2023-32191 was published for github.com/rancher/rke (Go) Jun 17, 2024
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who... Critical Unreviewed
CVE-2023-6345 was published Nov 29, 2023
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability.... Critical Unreviewed
CVE-2023-22518 was published Oct 31, 2023
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have... Critical Unreviewed
CVE-2022-45063 was published Nov 10, 2022
Files or Directories Accessible to External Parties in ProjectDiscovery Critical
CVE-2024-5262 was published for github.com/projectdiscovery/interactsh (Go) Jun 5, 2024
Unable to generate the correct character set Critical
CVE-2024-36400 was published for nano-id (Rust) Jun 4, 2024
ciffelia
Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email... Critical Unreviewed
CVE-2024-6048 was published Jun 17, 2024
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality.... Critical Unreviewed
CVE-2024-6047 was published Jun 17, 2024
SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in... Critical Unreviewed
CVE-2024-6046 was published Jun 17, 2024
The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is... Critical Unreviewed
CVE-2024-3105 was published Jun 15, 2024
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is... Critical Unreviewed
CVE-2024-4258 was published Jun 15, 2024
The WooCommerce - Social Login plugin for WordPress is vulnerable to PHP Object Injection in all... Critical Unreviewed
CVE-2024-5871 was published Jun 15, 2024
Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote... Critical Unreviewed
CVE-2024-5671 was published Jun 14, 2024
The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and... Critical Unreviewed
CVE-2024-2472 was published Jun 14, 2024
Certain models of ASUS routers have an arbitrary firmware upload vulnerability. An... Critical Unreviewed
CVE-2024-3912 was published Jun 14, 2024
The Where I Was, Where I Will Be plugin for WordPress is vulnerable to Remote File Inclusion in... Critical Unreviewed
CVE-2024-5577 was published Jun 14, 2024
Remote Command program allows an attacker to get Remote Code Execution. As for the affected... Critical Unreviewed
CVE-2024-27172 was published Jun 14, 2024
Remote Command program allows an attacker to get Remote Code Execution by overwriting existing... Critical Unreviewed
CVE-2024-27173 was published Jun 14, 2024
Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be... Critical Unreviewed
CVE-2024-27174 was published Jun 14, 2024
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and... Critical Unreviewed
CVE-2024-4936 was published Jun 14, 2024
The Toshiba printers provide several ways to upload files using the admin web interface. An... Critical Unreviewed
CVE-2024-27145 was published Jun 14, 2024
The Toshiba printers provide several ways to upload files using the web interface without... Critical Unreviewed
CVE-2024-27144 was published Jun 14, 2024
Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated... Critical Unreviewed
CVE-2024-3080 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API