Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,007 advisories

Loading
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been declared as problematic.... Moderate Unreviewed
CVE-2023-3234 was published Jun 14, 2023
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. This issue... Moderate Unreviewed
CVE-2023-3232 was published Jun 14, 2023
Apache NiFi vulnerable to Deserialization of Untrusted Data Moderate
CVE-2023-34212 was published for org.apache.nifi:nifi-jms-processors (Maven) Jun 12, 2023
exceptionfactory
Credited to exceptionfactory
Kredis JSON Possible Deserialization of Untrusted Data Vulnerability Moderate
CVE-2023-27531 was published for kredis (RubyGems) Jun 9, 2023
Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash Moderate
CVE-2021-32742 was published for github.com/vapor/vapor (Swift) Jun 9, 2023
An issue found in MIM software Inc MIM License Server and MIMpacs services v.6.9 thru v.7.0 fixed... High Unreviewed
CVE-2023-30262 was published Jun 9, 2023
Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution vulnerability. A remote... High Unreviewed
CVE-2023-33284 was published Jun 7, 2023
xxl-rpc deserialization vulnerability Critical
CVE-2023-33496 was published for com.xuxueli:xxl-rpc-core (Maven) Jun 7, 2023
The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object Injection in versions up to... Critical Unreviewed
CVE-2020-36726 was published Jun 7, 2023
The Newsletter Manager plugin for WordPress is vulnerable to insecure deserialization in versions... Critical Unreviewed
CVE-2020-36727 was published Jun 7, 2023
The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in... Critical Unreviewed
CVE-2020-36718 was published Jun 7, 2023
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before... High Unreviewed
CVE-2023-2288 was published May 30, 2023
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP... High Unreviewed
CVE-2023-2500 was published May 25, 2023
Deserialization of Untrusted Data in Sitecore Experience Platform through 10.2 allows remote... Critical Unreviewed
CVE-2023-27068 was published May 23, 2023
IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due... Critical Unreviewed
CVE-2023-32336 was published May 22, 2023
glazedlists XML Deserialization vulnerability Critical
CVE-2023-31890 was published for com.glazedlists:glazedlists (Maven) May 16, 2023
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings,... High Unreviewed
CVE-2023-1549 was published May 15, 2023
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with... High Unreviewed
CVE-2023-20878 was published May 12, 2023
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2... High Unreviewed
CVE-2023-30899 was published May 9, 2023
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2... High Unreviewed
CVE-2023-30898 was published May 9, 2023
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via... High Unreviewed
CVE-2023-1347 was published May 8, 2023
The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX... Critical Unreviewed
CVE-2023-1650 was published May 8, 2023
The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5... High Unreviewed
CVE-2023-1196 was published May 2, 2023
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings,... High Unreviewed
CVE-2023-1669 was published May 2, 2023
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently... Critical Unreviewed
CVE-2023-1967 was published Apr 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database