GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,370 advisories
Filter by severity
Loftware Spectrum before 4.6 HF13 Deserializes Untrusted Data.
Critical
Unreviewed
CVE-2023-37227
was published
Sep 10, 2024
ThinkPHP deserialization vulnerability
Critical
CVE-2024-44902
was published
for
topthink/framework
(Composer)
Sep 9, 2024
A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to...
Critical
Unreviewed
CVE-2024-37288
was published
Sep 9, 2024
A deserialization of untrusted data vulnerability with a malicious payload can allow an...
Critical
Unreviewed
CVE-2024-40711
was published
Sep 7, 2024
H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to...
Critical
Unreviewed
CVE-2024-45758
was published
Sep 6, 2024
The Attire theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
High
Unreviewed
CVE-2024-7435
was published
Aug 31, 2024
The Events Calendar Pro plugin for WordPress is vulnerable to PHP Object Injection in all...
Critical
Unreviewed
CVE-2024-8016
was published
Aug 30, 2024
The Betheme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
High
Unreviewed
CVE-2024-2694
was published
Aug 30, 2024
Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote...
High
Unreviewed
CVE-2024-8255
was published
Aug 29, 2024
Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This...
Critical
Unreviewed
CVE-2024-43931
was published
Aug 29, 2024
The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the...
High
Unreviewed
CVE-2022-2440
was published
Aug 29, 2024
The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store...
Critical
Unreviewed
CVE-2024-8030
was published
Aug 28, 2024
The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions...
High
Unreviewed
CVE-2024-7351
was published
Aug 24, 2024
The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store...
Critical
Unreviewed
CVE-2024-5335
was published
Aug 21, 2024
A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected...
Moderate
Unreviewed
CVE-2024-8003
was published
Aug 20, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP...
Critical
Unreviewed
CVE-2024-5932
was published
Aug 20, 2024
Deserialization of Untrusted Data vulnerability in myCred allows Object Injection.This issue...
Critical
Unreviewed
CVE-2024-43354
was published
Aug 19, 2024
Deserialization of Untrusted Data vulnerability in Crew HRM allows Object Injection.This issue...
Critical
Unreviewed
CVE-2024-43252
was published
Aug 19, 2024
Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro allows Object...
Critical
Unreviewed
CVE-2024-43242
was published
Aug 19, 2024
Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This...
Critical
Unreviewed
CVE-2024-37099
was published
Aug 19, 2024
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code...
Critical
Unreviewed
CVE-2024-28986
was published
Aug 14, 2024
Deserialization of Untrusted Data vulnerability in Roland Barker, xnau webdesign Participants...
Critical
Unreviewed
CVE-2024-43141
was published
Aug 13, 2024
The The Next theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
High
Unreviewed
CVE-2024-7561
was published
Aug 8, 2024
The News Flash theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7560
was published
Aug 8, 2024
The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7486
was published
Aug 8, 2024
ProTip!
Advisories are also available from the
GraphQL API