GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,337 advisories
Filter by severity
Deserialization of Untrusted Data vulnerability in wpxpo ProductX – WooCommerce Builder &...
High
Unreviewed
CVE-2024-23512
was published
Feb 12, 2024
Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose...
High
Unreviewed
CVE-2024-24926
was published
Feb 12, 2024
Deserialization of Untrusted Data vulnerability in Kalli Dan. KD Coming Soon.This issue affects...
Moderate
Unreviewed
CVE-2023-46615
was published
Feb 12, 2024
Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive:...
High
Unreviewed
CVE-2024-23513
was published
Feb 12, 2024
Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed – Essential Real...
Critical
Unreviewed
CVE-2024-24797
was published
Feb 12, 2024
Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program.This issue...
Critical
Unreviewed
CVE-2024-25100
was published
Feb 12, 2024
Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets...
High
Unreviewed
CVE-2024-24796
was published
Feb 12, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res...
Moderate
Unreviewed
CVE-2024-1432
was published
Feb 11, 2024
A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. Affected...
Moderate
Unreviewed
CVE-2024-1353
was published
Feb 9, 2024
Allegro AI ClearML vulnerable to deserialization of untrusted data
High
CVE-2024-24590
was published
for
clearml
(pip)
Feb 6, 2024
The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all...
Moderate
Unreviewed
CVE-2024-0668
was published
Feb 6, 2024
The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all...
Critical
Unreviewed
CVE-2023-6933
was published
Feb 6, 2024
A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by...
High
Unreviewed
CVE-2024-1225
was published
Feb 5, 2024
A vulnerability, which was classified as critical, was found in openBI up to 6.0.3. Affected is...
Moderate
Unreviewed
CVE-2024-1198
was published
Feb 3, 2024
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could...
Critical
Unreviewed
CVE-2024-22320
was published
Feb 2, 2024
Insecure deserialization in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows...
Critical
Unreviewed
CVE-2023-51204
was published
Jan 31, 2024
A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this...
High
Unreviewed
CVE-2024-1032
was published
Jan 30, 2024
ai-flow Deserialization of Untrusted Data vulnerability
Moderate
CVE-2024-0960
was published
for
ai-flow
(pip)
Jan 27, 2024
A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical....
Moderate
Unreviewed
CVE-2024-0959
was published
Jan 27, 2024
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products...
Critical
Unreviewed
CVE-2024-20253
was published
Jan 26, 2024
Deserialization of untrusted data in synthcity
Critical
CVE-2024-0937
was published
for
synthcity
(pip)
Jan 26, 2024
A vulnerability classified as critical was found in van_der_Schaar LAB TemporAI 0.0.3. Affected...
High
Unreviewed
CVE-2024-0936
was published
Jan 26, 2024
Apache Airflow: pickle deserialization vulnerability in XComs
High
CVE-2023-50943
was published
for
apache-airflow
(pip)
Jan 24, 2024
Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue...
High
Unreviewed
CVE-2024-22309
was published
Jan 24, 2024
Deserialization of Untrusted Data vulnerability in Thomas Belser Asgaros Forum.This issue affects...
High
Unreviewed
CVE-2024-22284
was published
Jan 24, 2024
ProTip!
Advisories are also available from the
GraphQL API