GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,638
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,645
Maven 6,108
npm 4,271
NuGet 760
pip 4,065
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,148

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,007 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to... Moderate Unreviewed

CVE-2016-10304 was published May 13, 2022

Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized... Critical Unreviewed

CVE-2017-5830 was published May 13, 2022

The Social Media Share Buttons plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed

CVE-2024-1685 was published Mar 16, 2024

Deserialization of Untrusted Data vulnerability in wpWax HelpGent allows Object Injection. This... Critical Unreviewed

CVE-2025-32658 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in WP Speedo Team Members allows Object Injection... High Unreviewed

CVE-2025-32686 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in Mahmudul Hasan Arif FluentBoards allows Object... Critical Unreviewed

CVE-2025-39551 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in ssvadim SS Quiz allows Object Injection. This... Critical Unreviewed

CVE-2025-27287 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in PickPlugins Question Answer allows Object... High Unreviewed

CVE-2025-32647 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus allows Object... Critical Unreviewed

CVE-2025-32572 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in bestwebsoft Rating by BestWebSoft allows... High Unreviewed

CVE-2025-39527 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons... Critical Unreviewed

CVE-2025-39588 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in turitop TuriTop Booking System allows Object... High Unreviewed

CVE-2025-32571 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in Stylemix uListing allows Object Injection.... High Unreviewed

CVE-2025-32662 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in Shahjahan Jewel FluentCommunity allows Object... Critical Unreviewed

CVE-2025-39550 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in saoshyant1994 Saoshyant Slider allows Object... Critical Unreviewed

CVE-2025-27286 was published Apr 17, 2025

The system tool has inconsistent serialization and deserialization. Successful exploitation of... High Unreviewed

CVE-2022-41596 was published Dec 20, 2022

Deserialization of Untrusted Data vulnerability in Melapress MelaPress Login Security allows... Moderate Unreviewed

CVE-2025-39565 was published Apr 16, 2025

Deserialization of Untrusted Data vulnerability in NotFound GNUCommerce allows Object Injection.... Critical Unreviewed

CVE-2025-30985 was published Apr 15, 2025

jackson-databind vulnerable to unsafe deserialization High

CVE-2020-10650 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jul 15, 2022

The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote... High Unreviewed

CVE-2016-7065 was published May 17, 2022

The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x... High Unreviewed

CVE-2016-4385 was published May 14, 2022

TYPO3 allows remote authenticated backend users to unserialize arbitrary objects Moderate

CVE-2012-3527 was published for typo3/cms (Composer) May 17, 2022

Subnet Solutions PowerSYSTEM Center is affected by a mishandling of exceptional conditions... Moderate Unreviewed

CVE-2025-31935 was published Apr 11, 2025

The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress... Critical Unreviewed

CVE-2025-3439 was published Apr 11, 2025

Deserialization of untrusted data issue exists in BizRobo! all versions. If this vulnerability is... High Unreviewed

CVE-2025-31932 was published Apr 11, 2025

Previous 1…20…81 Next

Previous 1 2 … 18 19 20 21 22 … 80 81 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,007 advisories