GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,460 advisories
Filter by severity
Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows...
Critical
Unreviewed
CVE-2024-52432
was published
Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection...
Critical
Unreviewed
CVE-2024-52430
was published
Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free...
Critical
Unreviewed
CVE-2024-52433
was published
Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Apache HertzBeat.
This vulnerability can only...
High
Unreviewed
CVE-2024-41151
was published
Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Stephen Cui Xin allows Object Injection.This...
Critical
Unreviewed
CVE-2024-52412
was published
Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Flowcraft UX Design Studio Advanced...
Critical
Unreviewed
CVE-2024-52411
was published
Nov 17, 2024
Deserialization of Untrusted Data vulnerability in DMC Airin Blog allows Object Injection.This...
Critical
Unreviewed
CVE-2024-52413
was published
Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Phoenixheart Referrer Detector allows Object...
Critical
Unreviewed
CVE-2024-52410
was published
Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu...
Critical
Unreviewed
CVE-2024-52414
was published
Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Phan An AJAX Random Posts allows Object...
Critical
Unreviewed
CVE-2024-52409
was published
Nov 17, 2024
Deserialization of Untrusted Data in dompdf/dompdf
Critical
CVE-2021-3838
was published
for
dompdf/dompdf
(Composer)
Nov 15, 2024
A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to...
Critical
Unreviewed
CVE-2024-37285
was published
Nov 14, 2024
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object...
High
Unreviewed
CVE-2024-10962
was published
Nov 14, 2024
FileManager Deserialization of Untrusted Data vulnerability
High
CVE-2024-52306
was published
for
backpack/filemanager
(Composer)
Nov 13, 2024
In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to...
High
Unreviewed
CVE-2024-43080
was published
Nov 13, 2024
In Progress Telerik UI for WinForms versions prior to 2024 Q4 (2024.4.1113), a code execution...
High
Unreviewed
CVE-2024-10013
was published
Nov 13, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1111), a code execution attack...
High
Unreviewed
CVE-2024-10012
was published
Nov 13, 2024
The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object...
High
Unreviewed
CVE-2024-10828
was published
Nov 13, 2024
Limited remote code execution with privilege of a NetworkService Account access in Citrix Session...
Moderate
Unreviewed
CVE-2024-8069
was published
Nov 12, 2024
A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910...
Critical
Unreviewed
CVE-2024-44102
was published
Nov 12, 2024
A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM...
High
Unreviewed
CVE-2023-32736
was published
Nov 12, 2024
XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream
High
CVE-2024-47072
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Nov 7, 2024
A vulnerability, which was classified as critical, was found in ThinkAdmin up to 6.1.67. Affected...
Low
Unreviewed
CVE-2024-10749
was published
Nov 4, 2024
Apache Lucene.Net.Replicator Deserialization of Untrusted Data vulnerability
High
CVE-2024-43383
was published
for
Lucene.Net.Replicator
(NuGet)
Oct 31, 2024
ThinkPHP deserialization vulnerability
High
CVE-2024-48112
was published
for
topthink/thinkphp
(Composer)
Oct 30, 2024
ProTip!
Advisories are also available from the
GraphQL API