Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,007 advisories

Loading
The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to PHP... Critical Unreviewed
CVE-2025-2332 was published Mar 27, 2025
Deserialization of Untrusted Data vulnerability in Cozmoslabs TranslatePress allows Object... High Unreviewed
CVE-2025-30773 was published Mar 27, 2025
A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7.... Moderate Unreviewed
CVE-2025-2855 was published Mar 27, 2025
Deserialization of Untrusted Data vulnerability in Shinetheme Traveler.This issue affects... Critical Unreviewed
CVE-2025-26873 was published Mar 28, 2025
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-2485 was published Mar 28, 2025
Deserialization of Untrusted Data vulnerability in NotFound PHP/MySQL CPU performance statistics... Critical Unreviewed
CVE-2025-22526 was published Mar 28, 2025
Untrusted data deserialization vulnerability exists in a-blog cms. Processing a specially crafted... High Unreviewed
CVE-2025-31103 was published Mar 31, 2025
Deserialization of Untrusted Data vulnerability in MDJM MDJM Event Management allows Object... High Unreviewed
CVE-2025-31074 was published Apr 1, 2025
Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart allows... Critical Unreviewed
CVE-2025-31084 was published Apr 1, 2025
Deserialization of Untrusted Data vulnerability in silverplugins217 Multiple Shipping And Billing... Critical Unreviewed
CVE-2025-31087 was published Apr 1, 2025
Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization... Moderate Unreviewed
CVE-2025-27130 was published Apr 1, 2025
Apache Parquet Avro Module Vulnerable to Arbitrary Code Execution Critical
CVE-2025-30065 was published for org.apache.parquet:parquet-avro (Maven) Apr 1, 2025
jooby-pac4j: deserialization of untrusted data High
CVE-2025-31129 was published for io.jooby:jooby-pac4j (Maven) Apr 1, 2025
cwm1123
Credited to cwm1123
Deserialization of Untrusted Data vulnerability in magepeopleteam WpTravelly allows Object... High Unreviewed
CVE-2025-30892 was published Apr 1, 2025
Deserialization of Untrusted Data vulnerability in Sabuj Kundu CBX Poll allows Object Injection.... Critical Unreviewed
CVE-2025-31612 was published Apr 1, 2025
Deserialization of Untrusted Data vulnerability in PickPlugins Testimonial Slider allows Object... High Unreviewed
CVE-2025-30889 was published Apr 3, 2025
LMDeploy Improper Input Validation Vulnerability Moderate
CVE-2025-3162 was published for lmdeploy (pip) Apr 3, 2025
A vulnerability in the sendMailFromRemoteSource method in Emails.php  as used in Bitdefender... Critical Unreviewed
CVE-2025-2244 was published Apr 4, 2025
A vulnerability, which was classified as problematic, has been found in elunez eladmin 2.7.... Moderate Unreviewed
CVE-2025-3250 was published Apr 4, 2025
BentoML Allows Remote Code Execution (RCE) via Insecure Deserialization Critical
CVE-2025-27520 was published for bentoml (pip) Apr 4, 2025
c2an1
Credited to c2an1
Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of... High Unreviewed
CVE-2025-31175 was published Apr 7, 2025
A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the... Moderate Unreviewed
CVE-2025-2251 was published Apr 7, 2025
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The... High Unreviewed
CVE-2025-3425 was published Apr 7, 2025
Picklescan failed to detect to some unsafe global function in Numpy library Moderate
GHSA-fj43-3qmq-673f was published for picklescan (pip) Apr 7, 2025
SeaW1nd
Credited to SeaW1nd
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... High Unreviewed
CVE-2025-29793 was published Apr 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database