GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,915

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,372 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.2.461 and 3.7... High Unreviewed

CVE-2024-53247 was published Dec 10, 2024

A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM... High Unreviewed

CVE-2024-49849 was published Dec 10, 2024

The Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed

CVE-2024-11501 was published Dec 7, 2024

The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms... High Unreviewed

CVE-2024-10587 was published Dec 4, 2024

Insecure deserialization in Hodoku v2.3.0 to v2.3.2 allows attackers to execute arbitrary code. Critical Unreviewed

CVE-2024-51363 was published Dec 4, 2024

JFinal CMS 5.1.0 is vulnerable to Command Execution via unauthorized execution of deserialization... Critical Unreviewed

CVE-2024-53477 was published Dec 2, 2024

Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package... Critical Unreviewed

CVE-2024-52338 was published Nov 28, 2024

A java deserialization vulnerability in HPE Remote Insight Support allows an unauthenticated... High Unreviewed

CVE-2024-53673 was published Nov 27, 2024

Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an... Critical Unreviewed

CVE-2024-11145 was published Nov 26, 2024

An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. It... Critical Unreviewed

CVE-2024-53915 was published Nov 24, 2024

An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. It... Critical Unreviewed

CVE-2024-53913 was published Nov 24, 2024

An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It... Critical Unreviewed

CVE-2024-53909 was published Nov 24, 2024

An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24341. It... Critical Unreviewed

CVE-2024-53912 was published Nov 24, 2024

An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It... Critical Unreviewed

CVE-2024-53914 was published Nov 24, 2024

An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24339. It... Critical Unreviewed

CVE-2024-53911 was published Nov 24, 2024

An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It... Critical Unreviewed

CVE-2024-53910 was published Nov 24, 2024

The FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP... Critical Unreviewed

CVE-2024-9511 was published Nov 23, 2024

Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability.... High Unreviewed

CVE-2024-5580 was published Nov 22, 2024

Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability.... High Unreviewed

CVE-2024-5579 was published Nov 22, 2024

Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability.... Critical Unreviewed

CVE-2023-51642 was published Nov 22, 2024

Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability.... Critical Unreviewed

CVE-2023-51641 was published Nov 22, 2024

In writeToParcel of MediaPlayer.java, there is a possible serialization/deserialization mismatch... High Unreviewed

CVE-2018-9474 was published Nov 20, 2024

The Clone plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed

CVE-2024-10913 was published Nov 20, 2024

Deserialization of Untrusted Data vulnerability in Modeltheme QRMenu Restaurant QR Menu Lite... High Unreviewed

CVE-2024-52445 was published Nov 20, 2024

Deserialization of Untrusted Data vulnerability in Mark O’Donnell Team Rosters allows Object... Critical Unreviewed

CVE-2024-52439 was published Nov 20, 2024

Previous 1…18…55 Next

Previous 1 2 … 16 17 18 19 20 … 54 55 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,372 advisories