GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,393

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,001 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Delta Electronics DTM Soft Project File Parsing Deserialization of Untrusted Data Remote Code... High Unreviewed

CVE-2025-53415 was published Jun 30, 2025

akka-cluster-metrics uses Java serialization for cluster metrics Moderate

CVE-2025-53393 was published for com.typesafe.akka:akka-cluster-metrics_2.13 (Maven) Jun 29, 2025

Apache Seata Vulnerable to Deserialization of Untrusted Data Critical

CVE-2025-32897 was published for org.apache.seata:seata-config-core (Maven) Jun 28, 2025

Credited to oscerd

Deserialization of Untrusted Data vulnerability in uxper Nuss allows Object Injection. This issue... High Unreviewed

CVE-2025-52827 was published Jun 27, 2025

Deserialization of Untrusted Data vulnerability in uxper Sala allows Object Injection. This issue... High Unreviewed

CVE-2025-52826 was published Jun 27, 2025

Deserialization of Untrusted Data vulnerability in BoldThemes Amwerk allows Object Injection.... Critical Unreviewed

CVE-2025-52724 was published Jun 27, 2025

Deserialization of Untrusted Data vulnerability in pebas CouponXxL allows Object Injection. This... Critical Unreviewed

CVE-2025-52725 was published Jun 27, 2025

Deserialization of Untrusted Data vulnerability in wpeverest Everest Forms allows Object... Critical Unreviewed

CVE-2025-52709 was published Jun 27, 2025

Deserialization of Untrusted Data vulnerability in pep.vn WP Optimize By xTraffic allows Object... Critical Unreviewed

CVE-2025-28970 was published Jun 27, 2025

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2025-36038 was published Jun 26, 2025

Kaleris NAVIS N4 ULC (Ultra Light Client) contains an unsafe Java deserialization vulnerability.... Critical Unreviewed

CVE-2025-2566 was published Jun 24, 2025

A PHP object injection vulnerability exists in SugarCRM versions prior to 6.5.24, 6.7.13, 7.5.2.5... Critical Unreviewed

CVE-2025-25034 was published Jun 20, 2025

Upsonic has vulnerability in Pickle Handler component that can lead to deserialization Low

CVE-2025-6279 was published for upsonic (pip) Jun 19, 2025

PowSyBl Core allows deserialization of untrusted SparseMatrix data High

CVE-2025-47771 was published for com.powsybl:powsybl-math (Maven) Jun 19, 2025

Credited to arthurscchan, AdamKorcz, olperr1, and rolnico

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... High Unreviewed

CVE-2025-49214 was published Jun 17, 2025

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... Critical Unreviewed

CVE-2025-49212 was published Jun 17, 2025

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... Critical Unreviewed

CVE-2025-49213 was published Jun 17, 2025

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... Critical Unreviewed

CVE-2025-49217 was published Jun 17, 2025

An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could... Critical Unreviewed

CVE-2025-49220 was published Jun 17, 2025

An insecure deserialization operation in Trend Micro Apex Central below versions 8.0.7007 could... Critical Unreviewed

CVE-2025-49219 was published Jun 17, 2025

Deserialization of Untrusted Data vulnerability in impleCode eCommerce Product Catalog allows... High Unreviewed

CVE-2025-49331 was published Jun 17, 2025

Deserialization of Untrusted Data vulnerability in CRM Perks Integration for Contact Form 7 and... Critical Unreviewed

CVE-2025-49330 was published Jun 17, 2025

Deserialization of Untrusted Data vulnerability in yuliaz Rapyd Payment Extension for WooCommerce... Critical Unreviewed

CVE-2025-30618 was published Jun 17, 2025

Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This... Critical Unreviewed

CVE-2025-31919 was published Jun 17, 2025

A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality... High Unreviewed

CVE-2025-24919 was published Jun 14, 2025

Previous 1…9…81 Next

Previous 1 2 … 7 8 9 10 11 … 80 81 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,001 advisories