GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,389

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

827 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Deserialization of Untrusted Data vulnerability in flexmls Flexmls® IDX allows Object Injection.... Critical Unreviewed

CVE-2025-26900 was published Feb 25, 2025

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider... Critical Unreviewed

CVE-2025-26763 was published Feb 22, 2025

The ravpage plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and... Critical Unreviewed

CVE-2024-13789 was published Feb 20, 2025

The application deserializes untrusted data without sufficiently verifying that the resulting... Critical Unreviewed

CVE-2024-37361 was published Feb 20, 2025

The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to... Critical Unreviewed

CVE-2024-12562 was published Feb 15, 2025

Apache EventMesh: raft Hessian Deserialization Vulnerability allowing remote code execution Critical

CVE-2024-56180 was published for org.apache.eventmesh:eventmesh-meta-raft (Maven) Feb 14, 2025

Apache Ignite: Possible RCE when deserializing incoming messages by the server node Critical

CVE-2024-52577 was published for org.apache.ignite:ignite-core (Maven) Feb 14, 2025

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute... Critical Unreviewed

CVE-2025-20124 was published Feb 5, 2025

Deserialization of Untrusted Data vulnerability in MagePeople Team Taxi Booking Manager for... Critical Unreviewed

CVE-2025-24661 was published Feb 3, 2025

The iControlWP – Multiple WordPress Site Manager plugin for WordPress is vulnerable to PHP Object... Critical Unreviewed

CVE-2024-13742 was published Jan 30, 2025

Deserialization of Untrusted Data vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows... Critical Unreviewed

CVE-2025-24671 was published Jan 27, 2025

Deserialization of Untrusted Data vulnerability in ThimPress FundPress allows Object Injection.... Critical Unreviewed

CVE-2025-24601 was published Jan 27, 2025

Pre-authentication deserialization of untrusted data vulnerability has been identified in the... Critical Unreviewed

CVE-2025-23006 was published Jan 23, 2025

Deserialization of Untrusted Data vulnerability in NotFound Muzaara Google Ads Report allows... Critical Unreviewed

CVE-2025-23914 was published Jan 22, 2025

Deserialization of Untrusted Data vulnerability in NotFound Quick Count allows Object Injection.... Critical Unreviewed

CVE-2025-23932 was published Jan 22, 2025

Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This... Critical Unreviewed

CVE-2024-49688 was published Jan 21, 2025

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the... Critical Unreviewed

CVE-2024-57766 was published Jan 15, 2025

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the... Critical Unreviewed

CVE-2024-57763 was published Jan 15, 2025

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the... Critical Unreviewed

CVE-2024-57764 was published Jan 15, 2025

Rasa Allows Remote Code Execution via Remote Model Loading Critical

CVE-2024-49375 was published for rasa (pip) Jan 14, 2025

Deserialization of Untrusted Data vulnerability in GiveWP GiveWP allows Object Injection.This... Critical Unreviewed

CVE-2025-22777 was published Jan 13, 2025

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP... Critical Unreviewed

CVE-2024-12877 was published Jan 11, 2025

Apache OpenMeetings vulnerable to Deserialization of Untrusted Data Critical

CVE-2024-54676 was published for org.apache.openmeetings:openmeetings-parent (Maven) Jan 8, 2025

A vulnerability in Crater Invoice allows an unauthenticated attacker with knowledge of the... Critical Unreviewed

CVE-2024-55556 was published Jan 7, 2025

Deserialization of Untrusted Data vulnerability in Amento Tech Pvt ltd WPGuppy allows Object... Critical Unreviewed

CVE-2024-49222 was published Jan 7, 2025

Previous 1…8…34 Next

Previous 1 2 … 6 7 8 9 10 … 33 34 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

827 advisories