GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,424 advisories
Filter by severity
Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This...
Critical
Unreviewed
CVE-2024-49332
was published
Oct 20, 2024
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up...
High
Unreviewed
CVE-2024-10079
was published
Oct 18, 2024
Deserialization of Untrusted Data vulnerability in Scott Olson My Reading Library allows Object...
Critical
Unreviewed
CVE-2024-49318
was published
Oct 17, 2024
Admidio Vulnerable to HTML Injection In The Messages Section
Low
CVE-2024-47836
was published
for
admidio/admidio
(Composer)
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in TAKETIN TAKETIN To WP Membership allows Object...
High
Unreviewed
CVE-2024-49226
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Gabriele Valenti Telecash Ricaricaweb allows...
Critical
Unreviewed
CVE-2024-48030
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently allows Object...
Critical
Unreviewed
CVE-2024-49218
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Grayson Robbins Disc Golf Manager allows...
Critical
Unreviewed
CVE-2024-48026
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Innovaweb Sp. Z o.O. Free Stock Photos Foter...
High
Unreviewed
CVE-2024-49227
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 allows Object Injection...
Critical
Unreviewed
CVE-2024-48028
was published
Oct 16, 2024
The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in...
Moderate
Unreviewed
CVE-2021-4451
was published
Oct 16, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP...
Critical
Unreviewed
CVE-2024-9634
was published
Oct 16, 2024
A Potential DOS Vulnerability exists in CERT VINCE software prior to version 3.0.8. An...
Moderate
Unreviewed
CVE-2024-9953
was published
Oct 15, 2024
In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does...
High
Unreviewed
CVE-2024-45733
was published
Oct 14, 2024
A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects...
Moderate
Unreviewed
CVE-2024-9917
was published
Oct 13, 2024
pac4j-core affected by a Java deserialization vulnerability
Critical
CVE-2023-25581
was published
for
org.pac4j:pac4j-core
(Maven)
Oct 11, 2024
Deserialization of Untrusted Data vulnerability in Elie Burstein, Baptiste Gourdin Talkback...
Critical
Unreviewed
CVE-2024-48033
was published
Oct 11, 2024
Deserialization of untrusted data in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before...
Low
Unreviewed
CVE-2023-26592
was published
Oct 10, 2024
Deserialization of Untrusted Data vulnerability in Eyecix JobSearch allows Object Injection.This...
Critical
Unreviewed
CVE-2024-47636
was published
Oct 10, 2024
CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be...
High
Unreviewed
CVE-2024-9005
was published
Oct 8, 2024
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9314
was published
Oct 5, 2024
Apache Avro Java SDK: Arbitrary Code Execution when reading Avro Data (Java SDK)
Critical
CVE-2024-47561
was published
for
org.apache.avro:avro
(Maven)
Oct 3, 2024
The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7433
was published
Oct 1, 2024
The UltraPress theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7434
was published
Oct 1, 2024
The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7432
was published
Oct 1, 2024
ProTip!
Advisories are also available from the
GraphQL API