Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,006 advisories

Loading
CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code... High Unreviewed
CVE-2025-54923 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in QuanticaLabs MediCenter - Health Medical... Critical Unreviewed
CVE-2025-54014 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in nanbu Welcart e-Commerce allows Object... High Unreviewed
CVE-2025-54012 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in Adrian Tobey Groundhogg allows Object... Moderate Unreviewed
CVE-2025-54053 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in PickPlugins Post Grid and Gutenberg Blocks... High Unreviewed
CVE-2025-54007 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in Max Chirkov Simple Login Log allows Object... High Unreviewed
CVE-2025-49438 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in ThemeMakers ThemeMakers Visual Content... Critical Unreviewed
CVE-2025-53299 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in rascals Noisa allows Object Injection. This... High Unreviewed
CVE-2025-53560 was published Aug 20, 2025
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed
CVE-2025-8289 was published Aug 20, 2025
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed
CVE-2025-8145 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of... Critical Unreviewed
CVE-2025-8875 was published Aug 14, 2025
A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is... Moderate Unreviewed
CVE-2025-8963 was published Aug 14, 2025
Deserialization of Untrusted Data vulnerability in scriptsbundle Exertio allows Object Injection.... Critical Unreviewed
CVE-2025-54686 was published Aug 14, 2025
Deserialization of Untrusted Data vulnerability in Arraytics Eventin allows Object Injection.... High Unreviewed
CVE-2025-49869 was published Aug 14, 2025
Deserialization of Untrusted Data vulnerability in keywordrush Content Egg allows Object... High Unreviewed
CVE-2025-47536 was published Aug 14, 2025
NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a... High Unreviewed
CVE-2025-23303 was published Aug 13, 2025
Hyland OnBase versions prior to 17.0.2.87 (other versions may be affected) are vulnerable to... Critical Unreviewed
CVE-2025-34153 was published Aug 13, 2025
An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an... Moderate Unreviewed
CVE-2025-2180 was published Aug 13, 2025
The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2025-7384 was published Aug 13, 2025
Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality High
CVE-2025-8747 was published for keras (pip) Aug 12, 2025
io-no
Credited to io-no
Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code... High Unreviewed
CVE-2025-53772 was published Aug 12, 2025
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... High Unreviewed
CVE-2025-49712 was published Aug 12, 2025
A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 V17 ... High Unreviewed
CVE-2025-40759 was published Aug 12, 2025
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... High Unreviewed
CVE-2024-54678 was published Aug 12, 2025
Picklescan has pickle parsing logic flaw that leads to malicious pickle file bypass High
GHSA-9gvj-pp9x-gcfr was published for picklescan (pip) Aug 12, 2025
Lyutoon
Credited to Lyutoon
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database