Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,337 advisories

Loading
Deserialization of Untrusted Data vulnerability in wpxpo ProductX – WooCommerce Builder &... High Unreviewed
CVE-2024-23512 was published Feb 12, 2024
Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose... High Unreviewed
CVE-2024-24926 was published Feb 12, 2024
Deserialization of Untrusted Data vulnerability in Kalli Dan. KD Coming Soon.This issue affects... Moderate Unreviewed
CVE-2023-46615 was published Feb 12, 2024
Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive:... High Unreviewed
CVE-2024-23513 was published Feb 12, 2024
Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed – Essential Real... Critical Unreviewed
CVE-2024-24797 was published Feb 12, 2024
Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program.This issue... Critical Unreviewed
CVE-2024-25100 was published Feb 12, 2024
Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets... High Unreviewed
CVE-2024-24796 was published Feb 12, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res... Moderate Unreviewed
CVE-2024-1432 was published Feb 11, 2024
A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. Affected... Moderate Unreviewed
CVE-2024-1353 was published Feb 9, 2024
Allegro AI ClearML vulnerable to deserialization of untrusted data High
CVE-2024-24590 was published for clearml (pip) Feb 6, 2024
The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all... Moderate Unreviewed
CVE-2024-0668 was published Feb 6, 2024
The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all... Critical Unreviewed
CVE-2023-6933 was published Feb 6, 2024
A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by... High Unreviewed
CVE-2024-1225 was published Feb 5, 2024
A vulnerability, which was classified as critical, was found in openBI up to 6.0.3. Affected is... Moderate Unreviewed
CVE-2024-1198 was published Feb 3, 2024
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could... Critical Unreviewed
CVE-2024-22320 was published Feb 2, 2024
Insecure deserialization in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows... Critical Unreviewed
CVE-2023-51204 was published Jan 31, 2024
A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this... High Unreviewed
CVE-2024-1032 was published Jan 30, 2024
ai-flow Deserialization of Untrusted Data vulnerability Moderate
CVE-2024-0960 was published for ai-flow (pip) Jan 27, 2024
A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical.... Moderate Unreviewed
CVE-2024-0959 was published Jan 27, 2024
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products... Critical Unreviewed
CVE-2024-20253 was published Jan 26, 2024
Deserialization of untrusted data in synthcity Critical
CVE-2024-0937 was published for synthcity (pip) Jan 26, 2024
m3t3kh4n
A vulnerability classified as critical was found in van_der_Schaar LAB TemporAI 0.0.3. Affected... High Unreviewed
CVE-2024-0936 was published Jan 26, 2024
Apache Airflow: pickle deserialization vulnerability in XComs High
CVE-2023-50943 was published for apache-airflow (pip) Jan 24, 2024
Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue... High Unreviewed
CVE-2024-22309 was published Jan 24, 2024
Deserialization of Untrusted Data vulnerability in Thomas Belser Asgaros Forum.This issue affects... High Unreviewed
CVE-2024-22284 was published Jan 24, 2024
ProTip! Advisories are also available from the GraphQL API