Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,370 advisories

Loading
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up... High Unreviewed
CVE-2024-10079 was published Oct 18, 2024
Deserialization of Untrusted Data vulnerability in Scott Olson My Reading Library allows Object... Critical Unreviewed
CVE-2024-49318 was published Oct 17, 2024
Admidio Vulnerable to HTML Injection In The Messages Section Low
CVE-2024-47836 was published for admidio/admidio (Composer) Oct 16, 2024
Kakashi1234
Deserialization of Untrusted Data vulnerability in Gabriele Valenti Telecash Ricaricaweb allows... Critical Unreviewed
CVE-2024-48030 was published Oct 16, 2024
Deserialization of Untrusted Data vulnerability in TAKETIN TAKETIN To WP Membership allows Object... High Unreviewed
CVE-2024-49226 was published Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently allows Object... Critical Unreviewed
CVE-2024-49218 was published Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Innovaweb Sp. Z o.O. Free Stock Photos Foter... High Unreviewed
CVE-2024-49227 was published Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Grayson Robbins Disc Golf Manager allows... Critical Unreviewed
CVE-2024-48026 was published Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 allows Object Injection... Critical Unreviewed
CVE-2024-48028 was published Oct 16, 2024
The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in... Moderate Unreviewed
CVE-2021-4451 was published Oct 16, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP... Critical Unreviewed
CVE-2024-9634 was published Oct 16, 2024
A Potential DOS Vulnerability exists in CERT VINCE software prior to version 3.0.8. An... Moderate Unreviewed
CVE-2024-9953 was published Oct 15, 2024
In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does... High Unreviewed
CVE-2024-45733 was published Oct 14, 2024
A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects... Moderate Unreviewed
CVE-2024-9917 was published Oct 13, 2024
pac4j-core affected by a Java deserialization vulnerability Critical
CVE-2023-25581 was published for org.pac4j:pac4j-core (Maven) Oct 11, 2024
Deserialization of Untrusted Data vulnerability in Elie Burstein, Baptiste Gourdin Talkback... Critical Unreviewed
CVE-2024-48033 was published Oct 11, 2024
Deserialization of untrusted data in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before... Low Unreviewed
CVE-2023-26592 was published Oct 10, 2024
Deserialization of Untrusted Data vulnerability in Eyecix JobSearch allows Object Injection.This... Critical Unreviewed
CVE-2024-47636 was published Oct 10, 2024
CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be... High Unreviewed
CVE-2024-9005 was published Oct 8, 2024
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-9314 was published Oct 5, 2024
Apache Avro Java SDK: Arbitrary Code Execution when reading Avro Data (Java SDK) Critical
CVE-2024-47561 was published for org.apache.avro:avro (Maven) Oct 3, 2024
dbrugman
The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to,... High Unreviewed
CVE-2024-7432 was published Oct 1, 2024
The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to,... High Unreviewed
CVE-2024-7433 was published Oct 1, 2024
The UltraPress theme for WordPress is vulnerable to PHP Object Injection in all versions up to,... High Unreviewed
CVE-2024-7434 was published Oct 1, 2024
Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. Moderate
CVE-2024-45772 was published for org.apache.lucene:lucene-replicator (Maven) Sep 30, 2024
streichsbaer
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database