GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,336 advisories
Filter by severity
Deserialization of Untrusted Data vulnerability in Live Composer Team Page Builder: Live Composer...
High
Unreviewed
CVE-2024-35780
was published
Jun 19, 2024
The Universal Slider plugin for WordPress is vulnerable to PHP Object Injection in all versions...
Moderate
Unreviewed
CVE-2024-5649
was published
Jun 19, 2024
The Photo Video Gallery Master plugin for WordPress is vulnerable to PHP Object Injection in all...
High
Unreviewed
CVE-2024-5724
was published
Jun 19, 2024
Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote...
Critical
Unreviewed
CVE-2024-5671
was published
Jun 14, 2024
The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products &...
Critical
Unreviewed
CVE-2024-4371
was published
Jun 13, 2024
There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI...
Unknown
Unreviewed
CVE-2024-3468
was published
Jun 12, 2024
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to...
Unknown
Unreviewed
CVE-2024-3467
was published
Jun 12, 2024
Dell Common Event Enabler, version 8.9.10.0 and prior, contain an insecure deserialization...
High
Unreviewed
CVE-2024-28964
was published
Jun 12, 2024
Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-35249
was published
Jun 11, 2024
nukeviet Deserialization of Untrusted Data vulnerability
High
CVE-2024-36528
was published
for
nukeviet/nukeviet
(Composer)
Jun 10, 2024
Untrusted data deserialization vulnerability has been found in Mentor - Employee Portal,...
Critical
Unreviewed
CVE-2024-5675
was published
Jun 6, 2024
By-passing Protection of PharStreamWrapper Interceptor
Moderate
GHSA-4v5g-8pq2-32m2
was published
for
typo3/phar-stream-wrapper
(Composer)
Jun 5, 2024
Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS
High
GHSA-ppgf-8745-8pgx
was published
for
typo3/cms
(Composer)
Jun 5, 2024
Insecure Deserialization in TYPO3 CMS
High
GHSA-8h28-f46f-m87h
was published
for
typo3/cms
(Composer)
Jun 5, 2024
ydata unsafe deserialization
High
CVE-2024-37062
was published
for
ydata-profiling
(pip)
Jun 4, 2024
ydata unsafe deserialization
High
CVE-2024-37064
was published
for
ydata-profiling
(pip)
Jun 4, 2024
ProTip!
Advisories are also available from the
GraphQL API