Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,006 advisories

Loading
The education theme for WordPress is vulnerable to PHP Object Injection in all versions up to,... Critical Unreviewed
CVE-2024-13786 was published Jul 2, 2025
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is... High Unreviewed
CVE-2025-6464 was published Jul 2, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. High Unreviewed
CVE-2025-53416 was published Jun 30, 2025
Delta Electronics DTM Soft Project File Parsing Deserialization of Untrusted Data Remote Code... High Unreviewed
CVE-2025-53415 was published Jun 30, 2025
akka-cluster-metrics uses Java serialization for cluster metrics Moderate
CVE-2025-53393 was published for com.typesafe.akka:akka-cluster-metrics_2.13 (Maven) Jun 29, 2025
Apache Seata Vulnerable to Deserialization of Untrusted Data Critical
CVE-2025-32897 was published for org.apache.seata:seata-config-core (Maven) Jun 28, 2025
oscerd
Credited to oscerd
Deserialization of Untrusted Data vulnerability in uxper Nuss allows Object Injection. This issue... High Unreviewed
CVE-2025-52827 was published Jun 27, 2025
Deserialization of Untrusted Data vulnerability in uxper Sala allows Object Injection. This issue... High Unreviewed
CVE-2025-52826 was published Jun 27, 2025
Deserialization of Untrusted Data vulnerability in BoldThemes Amwerk allows Object Injection.... Critical Unreviewed
CVE-2025-52724 was published Jun 27, 2025
Deserialization of Untrusted Data vulnerability in pebas CouponXxL allows Object Injection. This... Critical Unreviewed
CVE-2025-52725 was published Jun 27, 2025
Deserialization of Untrusted Data vulnerability in wpeverest Everest Forms allows Object... Critical Unreviewed
CVE-2025-52709 was published Jun 27, 2025
Deserialization of Untrusted Data vulnerability in pep.vn WP Optimize By xTraffic allows Object... Critical Unreviewed
CVE-2025-28970 was published Jun 27, 2025
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2025-36038 was published Jun 26, 2025
Kaleris NAVIS N4 ULC (Ultra Light Client) contains an unsafe Java deserialization vulnerability.... Critical Unreviewed
CVE-2025-2566 was published Jun 24, 2025
A PHP object injection vulnerability exists in SugarCRM versions prior to 6.5.24, 6.7.13, 7.5.2.5... Critical Unreviewed
CVE-2025-25034 was published Jun 20, 2025
Upsonic has vulnerability in Pickle Handler component that can lead to deserialization Low
CVE-2025-6279 was published for upsonic (pip) Jun 19, 2025
PowSyBl Core allows deserialization of untrusted SparseMatrix data High
CVE-2025-47771 was published for com.powsybl:powsybl-math (Maven) Jun 19, 2025
arthurscchan AdamKorcz
olperr1 rolnico
Credited to arthurscchan, AdamKorcz, olperr1, and rolnico
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... Critical Unreviewed
CVE-2025-49212 was published Jun 17, 2025
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... Critical Unreviewed
CVE-2025-49213 was published Jun 17, 2025
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... Critical Unreviewed
CVE-2025-49217 was published Jun 17, 2025
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... High Unreviewed
CVE-2025-49214 was published Jun 17, 2025
An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could... Critical Unreviewed
CVE-2025-49220 was published Jun 17, 2025
An insecure deserialization operation in Trend Micro Apex Central below versions 8.0.7007 could... Critical Unreviewed
CVE-2025-49219 was published Jun 17, 2025
Deserialization of Untrusted Data vulnerability in impleCode eCommerce Product Catalog allows... High Unreviewed
CVE-2025-49331 was published Jun 17, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks Integration for Contact Form 7 and... Critical Unreviewed
CVE-2025-49330 was published Jun 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database