GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,039
Erlang
29
GitHub Actions
18
Go
1,864
Maven
5,000+
npm
3,587
NuGet
636
pip
3,176
Pub
10
RubyGems
852
Rust
805
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,302 advisories
Filter by severity
The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store...
Critical
Unreviewed
CVE-2024-5335
was published
Aug 21, 2024
A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected...
Moderate
Unreviewed
CVE-2024-8003
was published
Aug 20, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP...
Critical
Unreviewed
CVE-2024-5932
was published
Aug 20, 2024
Deserialization of Untrusted Data vulnerability in myCred allows Object Injection.This issue...
Critical
Unreviewed
CVE-2024-43354
was published
Aug 19, 2024
Deserialization of Untrusted Data vulnerability in Crew HRM allows Object Injection.This issue...
Critical
Unreviewed
CVE-2024-43252
was published
Aug 19, 2024
Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro allows Object...
Critical
Unreviewed
CVE-2024-43242
was published
Aug 19, 2024
Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This...
Critical
Unreviewed
CVE-2024-37099
was published
Aug 19, 2024
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code...
Critical
Unreviewed
CVE-2024-28986
was published
Aug 14, 2024
Deserialization of Untrusted Data vulnerability in Roland Barker, xnau webdesign Participants...
Critical
Unreviewed
CVE-2024-43141
was published
Aug 13, 2024
The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7486
was published
Aug 8, 2024
The The Next theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
High
Unreviewed
CVE-2024-7561
was published
Aug 8, 2024
The News Flash theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7560
was published
Aug 8, 2024
An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an...
High
Unreviewed
CVE-2024-36131
was published
Aug 7, 2024
Redisson vulnerable to Deserialization of Untrusted Data
Critical
CVE-2023-42809
was published
for
org.redisson:redisson
(Maven)
Aug 5, 2024
XXL-RPC Deserialization of Untrusted Data vulnerability
Critical
CVE-2023-45146
was published
for
com.xuxueli:xxl-rpc-core
(Maven)
Aug 5, 2024
Deserialization of Untrusted Data vulnerability in CodeSolz Better Find and Replace.This issue...
High
Unreviewed
CVE-2024-39636
was published
Aug 2, 2024
Deserialization of Untrusted Data vulnerability in MotoPress Timetable and Event Schedule allows...
Moderate
Unreviewed
CVE-2024-39630
was published
Aug 1, 2024
The Flipbox Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up...
High
Unreviewed
CVE-2024-6152
was published
Jul 27, 2024
A vulnerability was found in kirilkirkov Ecommerce-Laravel-Bootstrap up to...
Moderate
Unreviewed
CVE-2024-7067
was published
Jul 24, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code...
Critical
Unreviewed
CVE-2024-6327
was published
Jul 24, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in...
High
Unreviewed
CVE-2024-6675
was published
Jul 22, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming ...
Critical
Unreviewed
CVE-2024-6794
was published
Jul 22, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that...
Critical
Unreviewed
CVE-2024-6793
was published
Jul 22, 2024
Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace.This issue...
Moderate
Unreviewed
CVE-2024-38759
was published
Jul 22, 2024
H2O vulnerable to Deserialization of Untrusted Data
High
CVE-2024-6960
was published
for
ai.h2o:h2o-core
(Maven)
Jul 21, 2024
ProTip!
Advisories are also available from the
GraphQL API