GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,614
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,638
Maven 6,105
npm 4,264
NuGet 760
pip 4,060
Pub 12
RubyGems 956
Rust 1,056
Swift 45

Unreviewed advisories

All unreviewed 277,032

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,377 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A Potential DOS Vulnerability exists in CERT VINCE software prior to version 3.0.8. An... Moderate Unreviewed

CVE-2024-9953 was published Oct 15, 2024

In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does... High Unreviewed

CVE-2024-45733 was published Oct 14, 2024

A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects... Moderate Unreviewed

CVE-2024-9917 was published Oct 13, 2024

Deserialization of Untrusted Data vulnerability in Elie Burstein, Baptiste Gourdin Talkback... Critical Unreviewed

CVE-2024-48033 was published Oct 11, 2024

Deserialization of untrusted data in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before... Low Unreviewed

CVE-2023-26592 was published Oct 10, 2024

Deserialization of Untrusted Data vulnerability in Eyecix JobSearch allows Object Injection.This... Critical Unreviewed

CVE-2024-47636 was published Oct 10, 2024

CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be... High Unreviewed

CVE-2024-9005 was published Oct 8, 2024

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-9314 was published Oct 5, 2024

The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to,... High Unreviewed

CVE-2024-7432 was published Oct 1, 2024

The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to,... High Unreviewed

CVE-2024-7433 was published Oct 1, 2024

The UltraPress theme for WordPress is vulnerable to PHP Object Injection in all versions up to,... High Unreviewed

CVE-2024-7434 was published Oct 1, 2024

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP... Critical Unreviewed

CVE-2024-8353 was published Sep 28, 2024

The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is... High Unreviewed

CVE-2024-8922 was published Sep 27, 2024

IBM ManageIQ could allow a remote authenticated attacker to execute arbitrary commands on the... High Unreviewed

CVE-2024-43191 was published Sep 26, 2024

In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is... High Unreviewed

CVE-2024-8316 was published Sep 25, 2024

In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is... High Unreviewed

CVE-2024-7576 was published Sep 25, 2024

The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object... Critical Unreviewed

CVE-2024-8514 was published Sep 25, 2024

The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is... High Unreviewed

CVE-2022-2439 was published Sep 24, 2024

SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating). This... High Unreviewed

CVE-2024-42323 was published Sep 21, 2024

The WP Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the ... High Unreviewed

CVE-2022-2446 was published Sep 13, 2024

ColdFusion versions 2023.9, 2021.15 and earlier are affected by a Deserialization of Untrusted... Critical Unreviewed

CVE-2024-41874 was published Sep 13, 2024

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution... Critical Unreviewed

CVE-2024-28991 was published Sep 12, 2024

Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024... Critical Unreviewed

CVE-2024-29847 was published Sep 12, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability High Unreviewed

CVE-2024-43464 was published Sep 10, 2024

Microsoft SharePoint Server Denial of Service Vulnerability Moderate Unreviewed

CVE-2024-43466 was published Sep 10, 2024

Previous 1…21…56 Next

Previous 1 2 … 19 20 21 22 23 … 55 56 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,377 advisories