GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
348 advisories
Filter by severity
Deserialization of Untrusted Data vulnerability in EnvialoSimple EnvíaloSimple: Email Marketing y...
Critical
Unreviewed
CVE-2023-51414
was published
Dec 29, 2023
Deserialization of Untrusted Data vulnerability in Jacques Malgrange Rencontre – Dating Site.This...
Critical
Unreviewed
CVE-2023-51470
was published
Dec 29, 2023
Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This...
Critical
Unreviewed
CVE-2023-49777
was published
Dec 31, 2023
Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes...
Critical
Unreviewed
CVE-2023-52182
was published
Dec 31, 2023
Deserialization of Untrusted Data vulnerability in Presslabs Theme per user.This issue affects...
Critical
Unreviewed
CVE-2023-52181
was published
Dec 31, 2023
Deserialization of Untrusted Data vulnerability in Gecka Gecka Terms Thumbnails.This issue...
Critical
Unreviewed
CVE-2023-52219
was published
Jan 8, 2024
Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media...
Critical
Unreviewed
CVE-2023-52225
was published
Jan 8, 2024
Deserialization of Untrusted Data vulnerability in Anton Bond Woocommerce Tranzila Payment...
Critical
Unreviewed
CVE-2023-52218
was published
Jan 8, 2024
Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 MP3 Player with...
Critical
Unreviewed
CVE-2023-52207
was published
Jan 8, 2024
Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 MP3 Player with Folder...
Critical
Unreviewed
CVE-2023-52202
was published
Jan 8, 2024
Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 SoundCloud Player with...
Critical
Unreviewed
CVE-2023-52205
was published
Jan 8, 2024
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and...
Critical
Unreviewed
CVE-2023-29300
was published
Jul 12, 2023
Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier)...
Critical
Unreviewed
CVE-2023-38203
was published
Jul 20, 2023
Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows...
Critical
Unreviewed
CVE-2023-49442
was published
Jan 3, 2024
The Estatik Real Estate Plugin WordPress plugin before 4.1.1 unserializes user input via some of...
Critical
Unreviewed
CVE-2023-6049
was published
Jan 15, 2024
A?CWE-502:?Deserialization of untrusted data?vulnerability exists?that could allow an attacker...
Critical
Unreviewed
CVE-2023-5391
was published
Oct 4, 2023
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could...
Critical
Unreviewed
CVE-2024-22320
was published
Feb 2, 2024
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products...
Critical
Unreviewed
CVE-2024-20253
was published
Jan 26, 2024
Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed – Essential Real...
Critical
Unreviewed
CVE-2024-24797
was published
Feb 12, 2024
Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program.This issue...
Critical
Unreviewed
CVE-2024-25100
was published
Feb 12, 2024
The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all...
Critical
Unreviewed
CVE-2023-6933
was published
Feb 6, 2024
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution...
Critical
Unreviewed
CVE-2023-40057
was published
Feb 15, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code...
Critical
Unreviewed
CVE-2024-1800
was published
Mar 20, 2024
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects...
Critical
Unreviewed
CVE-2024-30223
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects...
Critical
Unreviewed
CVE-2024-30225
was published
Mar 28, 2024
ProTip!
Advisories are also available from the
GraphQL API