GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,375 advisories
Filter by severity
Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows...
Critical
Unreviewed
CVE-2024-49624
was published
Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components...
Critical
Unreviewed
CVE-2024-49625
was published
Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This...
Critical
Unreviewed
CVE-2024-49332
was published
Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management allows...
Critical
Unreviewed
CVE-2024-49626
was published
Oct 20, 2024
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up...
High
Unreviewed
CVE-2024-10079
was published
Oct 18, 2024
Deserialization of Untrusted Data vulnerability in Scott Olson My Reading Library allows Object...
Critical
Unreviewed
CVE-2024-49318
was published
Oct 17, 2024
Admidio Vulnerable to HTML Injection In The Messages Section
Low
CVE-2024-47836
was published
for
admidio/admidio
(Composer)
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Gabriele Valenti Telecash Ricaricaweb allows...
Critical
Unreviewed
CVE-2024-48030
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in TAKETIN TAKETIN To WP Membership allows Object...
High
Unreviewed
CVE-2024-49226
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently allows Object...
Critical
Unreviewed
CVE-2024-49218
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Innovaweb Sp. Z o.O. Free Stock Photos Foter...
High
Unreviewed
CVE-2024-49227
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Grayson Robbins Disc Golf Manager allows...
Critical
Unreviewed
CVE-2024-48026
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 allows Object Injection...
Critical
Unreviewed
CVE-2024-48028
was published
Oct 16, 2024
The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in...
Moderate
Unreviewed
CVE-2021-4451
was published
Oct 16, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP...
Critical
Unreviewed
CVE-2024-9634
was published
Oct 16, 2024
A Potential DOS Vulnerability exists in CERT VINCE software prior to version 3.0.8. An...
Moderate
Unreviewed
CVE-2024-9953
was published
Oct 15, 2024
In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does...
High
Unreviewed
CVE-2024-45733
was published
Oct 14, 2024
A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects...
Moderate
Unreviewed
CVE-2024-9917
was published
Oct 13, 2024
pac4j-core affected by a Java deserialization vulnerability
Critical
CVE-2023-25581
was published
for
org.pac4j:pac4j-core
(Maven)
Oct 11, 2024
Deserialization of Untrusted Data vulnerability in Elie Burstein, Baptiste Gourdin Talkback...
Critical
Unreviewed
CVE-2024-48033
was published
Oct 11, 2024
Deserialization of untrusted data in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before...
Low
Unreviewed
CVE-2023-26592
was published
Oct 10, 2024
Deserialization of Untrusted Data vulnerability in Eyecix JobSearch allows Object Injection.This...
Critical
Unreviewed
CVE-2024-47636
was published
Oct 10, 2024
CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be...
High
Unreviewed
CVE-2024-9005
was published
Oct 8, 2024
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9314
was published
Oct 5, 2024
Apache Avro Java SDK: Arbitrary Code Execution when reading Avro Data (Java SDK)
Critical
CVE-2024-47561
was published
for
org.apache.avro:avro
(Maven)
Oct 3, 2024
ProTip!
Advisories are also available from the
GraphQL API