GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,614
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,638
Maven 6,105
npm 4,264
NuGet 760
pip 4,060
Pub 12
RubyGems 956
Rust 1,056
Swift 45

Unreviewed advisories

All unreviewed 277,025

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,006 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to... Critical Unreviewed

CVE-2024-37288 was published Sep 9, 2024

A deserialization of untrusted data vulnerability with a malicious payload can allow an... Critical Unreviewed

CVE-2024-40711 was published Sep 7, 2024

H2O.ai H2O vulnerable to deserialization attacks via a JDBC Connection URL Critical

CVE-2024-45758 was published for ai.h2o:h2o-core (Maven) Sep 6, 2024

The Attire theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed

CVE-2024-7435 was published Aug 31, 2024

The Events Calendar Pro plugin for WordPress is vulnerable to PHP Object Injection in all... Critical Unreviewed

CVE-2024-8016 was published Aug 30, 2024

The Betheme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed

CVE-2024-2694 was published Aug 30, 2024

Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote... High Unreviewed

CVE-2024-8255 was published Aug 29, 2024

Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This... Critical Unreviewed

CVE-2024-43931 was published Aug 29, 2024

The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the... High Unreviewed

CVE-2022-2440 was published Aug 29, 2024

The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store... Critical Unreviewed

CVE-2024-8030 was published Aug 28, 2024

The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions... High Unreviewed

CVE-2024-7351 was published Aug 24, 2024

The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store... Critical Unreviewed

CVE-2024-5335 was published Aug 21, 2024

A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected... Moderate Unreviewed

CVE-2024-8003 was published Aug 20, 2024

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP... Critical Unreviewed

CVE-2024-5932 was published Aug 20, 2024

Deserialization of Untrusted Data vulnerability in myCred allows Object Injection.This issue... Critical Unreviewed

CVE-2024-43354 was published Aug 19, 2024

Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro allows Object... Critical Unreviewed

CVE-2024-43242 was published Aug 19, 2024

Deserialization of Untrusted Data vulnerability in Crew HRM allows Object Injection.This issue... Critical Unreviewed

CVE-2024-43252 was published Aug 19, 2024

Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This... Critical Unreviewed

CVE-2024-37099 was published Aug 19, 2024

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code... Critical Unreviewed

CVE-2024-28986 was published Aug 14, 2024

Deserialization of Untrusted Data vulnerability in Roland Barker, xnau webdesign Participants... Critical Unreviewed

CVE-2024-43141 was published Aug 13, 2024

The News Flash theme for WordPress is vulnerable to PHP Object Injection in all versions up to,... High Unreviewed

CVE-2024-7560 was published Aug 8, 2024

The The Next theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed

CVE-2024-7561 was published Aug 8, 2024

The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to,... High Unreviewed

CVE-2024-7486 was published Aug 8, 2024

An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an... High Unreviewed

CVE-2024-36131 was published Aug 7, 2024

Redisson vulnerable to Deserialization of Untrusted Data Critical

CVE-2023-42809 was published for org.redisson:redisson (Maven) Aug 5, 2024

Previous 1…27…81 Next

Previous 1 2 … 25 26 27 28 29 … 80 81 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,006 advisories