GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
399 advisories
Filter by severity
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could...
Critical
Unreviewed
CVE-2024-22320
was published
Feb 2, 2024
Insecure deserialization in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows...
Critical
Unreviewed
CVE-2023-51204
was published
Jan 31, 2024
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products...
Critical
Unreviewed
CVE-2024-20253
was published
Jan 26, 2024
The Estatik Real Estate Plugin WordPress plugin before 4.1.1 unserializes user input via some of...
Critical
Unreviewed
CVE-2023-6049
was published
Jan 15, 2024
Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 MP3 Player with Folder...
Critical
Unreviewed
CVE-2023-52202
was published
Jan 8, 2024
Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 SoundCloud Player with...
Critical
Unreviewed
CVE-2023-52205
was published
Jan 8, 2024
Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 MP3 Player with...
Critical
Unreviewed
CVE-2023-52207
was published
Jan 8, 2024
Deserialization of Untrusted Data vulnerability in Gecka Gecka Terms Thumbnails.This issue...
Critical
Unreviewed
CVE-2023-52219
was published
Jan 8, 2024
Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media...
Critical
Unreviewed
CVE-2023-52225
was published
Jan 8, 2024
Deserialization of Untrusted Data vulnerability in Anton Bond Woocommerce Tranzila Payment...
Critical
Unreviewed
CVE-2023-52218
was published
Jan 8, 2024
Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows...
Critical
Unreviewed
CVE-2023-49442
was published
Jan 3, 2024
Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This...
Critical
Unreviewed
CVE-2023-49777
was published
Dec 31, 2023
Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes...
Critical
Unreviewed
CVE-2023-52182
was published
Dec 31, 2023
Deserialization of Untrusted Data vulnerability in Presslabs Theme per user.This issue affects...
Critical
Unreviewed
CVE-2023-52181
was published
Dec 31, 2023
Deserialization of Untrusted Data vulnerability in EnvialoSimple EnvíaloSimple: Email Marketing y...
Critical
Unreviewed
CVE-2023-51414
was published
Dec 29, 2023
Deserialization of Untrusted Data vulnerability in realmag777 Active Products Tables for...
Critical
Unreviewed
CVE-2023-51505
was published
Dec 29, 2023
Deserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin: Create live...
Critical
Unreviewed
CVE-2023-51422
was published
Dec 29, 2023
Deserialization of Untrusted Data vulnerability in Jacques Malgrange Rencontre – Dating Site.This...
Critical
Unreviewed
CVE-2023-51470
was published
Dec 29, 2023
An issue was discovered in RWS WorldServer before 11.7.3. /clientLogin deserializes Java objects...
Critical
Unreviewed
CVE-2022-34268
was published
Dec 25, 2023
Deserialization of Untrusted Data vulnerability in xtemos WoodMart - Multipurpose WooCommerce...
Critical
Unreviewed
CVE-2023-32242
was published
Dec 21, 2023
Deserialization of Untrusted Data vulnerability in Hakan Demiray Sayfa Sayac.This issue affects...
Critical
Unreviewed
CVE-2023-49778
was published
Dec 21, 2023
Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue...
Critical
Unreviewed
CVE-2023-49773
was published
Dec 20, 2023
Deserialization of Untrusted Data vulnerability in Phpbits Creative Studio Genesis Simple Love...
Critical
Unreviewed
CVE-2023-49772
was published
Dec 20, 2023
A deserialization vulnerability in NettyRpc v1.2 allows attackers to execute arbitrary commands...
Critical
Unreviewed
CVE-2023-48886
was published
Dec 2, 2023
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an...
Critical
Unreviewed
CVE-2023-47207
was published
Dec 1, 2023
ProTip!
Advisories are also available from the
GraphQL API