GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,067
Erlang
29
GitHub Actions
19
Go
1,891
Maven
5,000+
npm
3,624
NuGet
638
pip
3,235
Pub
10
RubyGems
857
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
830 advisories
Filter by severity
Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue...
High
Unreviewed
CVE-2024-31277
was published
Apr 7, 2024
Deserialization of Untrusted Data vulnerability in VJInfotech WP Import Export Lite.This issue...
Moderate
Unreviewed
CVE-2024-31308
was published
Apr 7, 2024
A vulnerability was found in EyouCMS 1.6.5. It has been declared as critical. This vulnerability...
Moderate
Unreviewed
CVE-2024-3431
was published
Apr 8, 2024
Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive:...
Moderate
Unreviewed
CVE-2024-27985
was published
Apr 11, 2024
Deserialization of Untrusted Data in Sitecore Experience Platform through 10.2 allows remote...
Critical
Unreviewed
CVE-2023-27068
was published
May 23, 2023
The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via...
High
Unreviewed
CVE-2017-18604
was published
May 24, 2022
A vulnerability has been identified in LOGO! Soft Comfort (All versions). The vulnerability could...
High
Unreviewed
CVE-2019-10924
was published
May 24, 2022
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-21318
was published
Jan 9, 2024
A vulnerability, which was classified as critical, has been found in cym1102 nginxWebUI up to 3.9...
Moderate
Unreviewed
CVE-2024-3740
was published
Apr 13, 2024
Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue...
Moderate
Unreviewed
CVE-2024-32431
was published
Apr 15, 2024
Deserialization of Untrusted Data vulnerability in ThemeKraft WooBuddy.This issue affects...
High
Unreviewed
CVE-2024-32603
was published
Apr 18, 2024
Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master...
High
Unreviewed
CVE-2024-32600
was published
Apr 18, 2024
A vulnerability classified as critical has been found in Byzoro Smart S80 Management Platform up...
Moderate
Unreviewed
CVE-2024-4019
was published
Apr 20, 2024
Deserialization of Untrusted Data vulnerability in WebToffee Import Export WordPress Users.This...
Moderate
Unreviewed
CVE-2024-32835
was published
Apr 24, 2024
Deserialization of Untrusted Data vulnerability in Import and export users and customers.This...
Moderate
Unreviewed
CVE-2024-32817
was published
Apr 24, 2024
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue...
Moderate
Unreviewed
CVE-2023-32665
was published
Sep 14, 2023
Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore...
Critical
Unreviewed
CVE-2024-33553
was published
Apr 29, 2024
Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue...
Moderate
Unreviewed
CVE-2024-33641
was published
Apr 29, 2024
Insecure deserialization in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows...
Critical
Unreviewed
CVE-2023-51204
was published
Jan 31, 2024
Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted...
Critical
Unreviewed
CVE-2023-39475
was published
May 3, 2024
Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code...
High
Unreviewed
CVE-2023-50220
was published
May 3, 2024
Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote...
High
Unreviewed
CVE-2023-39473
was published
May 3, 2024
Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote...
Critical
Unreviewed
CVE-2023-39476
was published
May 3, 2024
Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data...
High
Unreviewed
CVE-2023-50222
was published
May 3, 2024
Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data...
High
Unreviewed
CVE-2023-50221
was published
May 3, 2024
ProTip!
Advisories are also available from the
GraphQL API