GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
404 advisories
Filter by severity
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up...
High
Unreviewed
CVE-2024-10079
was published
Oct 18, 2024
Deserialization of Untrusted Data vulnerability in TAKETIN TAKETIN To WP Membership allows Object...
High
Unreviewed
CVE-2024-49226
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Innovaweb Sp. Z o.O. Free Stock Photos Foter...
High
Unreviewed
CVE-2024-49227
was published
Oct 16, 2024
In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does...
High
Unreviewed
CVE-2024-45733
was published
Oct 14, 2024
CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be...
High
Unreviewed
CVE-2024-9005
was published
Oct 8, 2024
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9314
was published
Oct 5, 2024
The UltraPress theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7434
was published
Oct 1, 2024
The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7432
was published
Oct 1, 2024
The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7433
was published
Oct 1, 2024
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is...
High
Unreviewed
CVE-2024-8922
was published
Sep 27, 2024
IBM ManageIQ could allow a remote authenticated attacker to execute arbitrary commands on the...
High
Unreviewed
CVE-2024-43191
was published
Sep 26, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is...
High
Unreviewed
CVE-2024-8316
was published
Sep 25, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is...
High
Unreviewed
CVE-2024-7576
was published
Sep 25, 2024
The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is...
High
Unreviewed
CVE-2022-2439
was published
Sep 24, 2024
SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).
This...
High
Unreviewed
CVE-2024-42323
was published
Sep 21, 2024
The WP Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the ...
High
Unreviewed
CVE-2022-2446
was published
Sep 13, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-43464
was published
Sep 10, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38018
was published
Sep 10, 2024
The Attire theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
High
Unreviewed
CVE-2024-7435
was published
Aug 31, 2024
The Betheme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
High
Unreviewed
CVE-2024-2694
was published
Aug 30, 2024
Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote...
High
Unreviewed
CVE-2024-8255
was published
Aug 29, 2024
The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the...
High
Unreviewed
CVE-2022-2440
was published
Aug 29, 2024
The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions...
High
Unreviewed
CVE-2024-7351
was published
Aug 24, 2024
The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7486
was published
Aug 8, 2024
The News Flash theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7560
was published
Aug 8, 2024
ProTip!
Advisories are also available from the
GraphQL API