Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,007 advisories

Loading
The Geo Controller WordPress plugin before 8.6.5 unserializes user input via some of its AJAX... Moderate Unreviewed
CVE-2024-3591 was published May 1, 2024
The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress is... High Unreviewed
CVE-2024-1895 was published Apr 30, 2024
Deserialization of untrusted data can occur in the R statistical programming language, on any... High Unreviewed
CVE-2024-27322 was published Apr 29, 2024
Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore... Critical Unreviewed
CVE-2024-33553 was published Apr 29, 2024
Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue... Moderate Unreviewed
CVE-2024-33641 was published Apr 29, 2024
Deserialization of Untrusted Data vulnerability in Import and export users and customers.This... Moderate Unreviewed
CVE-2024-32817 was published Apr 24, 2024
Deserialization of Untrusted Data vulnerability in WebToffee Import Export WordPress Users.This... Moderate Unreviewed
CVE-2024-32835 was published Apr 24, 2024
A vulnerability classified as critical has been found in Byzoro Smart S80 Management Platform up... Moderate Unreviewed
CVE-2024-4019 was published Apr 20, 2024
Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master... High Unreviewed
CVE-2024-32600 was published Apr 18, 2024
Deserialization of Untrusted Data vulnerability in ThemeKraft WooBuddy.This issue affects... High Unreviewed
CVE-2024-32603 was published Apr 18, 2024
Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue... Moderate Unreviewed
CVE-2024-32431 was published Apr 15, 2024
A vulnerability, which was classified as critical, has been found in cym1102 nginxWebUI up to 3.9... Moderate Unreviewed
CVE-2024-3740 was published Apr 13, 2024
timber/timber vulnerable to Deserialization of Untrusted Data High
CVE-2024-29800 was published for timber/timber (Composer) Apr 12, 2024
Sonicrrrr dennisenderink
Credited to Sonicrrrr and dennisenderink
Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive:... Moderate Unreviewed
CVE-2024-27985 was published Apr 11, 2024
Transformers Deserialization of Untrusted Data vulnerability Low
CVE-2024-3568 was published for transformers (pip) Apr 10, 2024
The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions... Critical Unreviewed
CVE-2024-1813 was published Apr 9, 2024
A vulnerability was found in EyouCMS 1.6.5. It has been declared as critical. This vulnerability... Moderate Unreviewed
CVE-2024-3431 was published Apr 8, 2024
Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue... High Unreviewed
CVE-2024-31277 was published Apr 7, 2024
Deserialization of Untrusted Data vulnerability in VJInfotech WP Import Export Lite.This issue... Moderate Unreviewed
CVE-2024-31308 was published Apr 7, 2024
Xuxueli xxl-job template injection vulnerability Low
CVE-2024-3366 was published for com.xuxueli:xxl-job-core (Maven) Apr 6, 2024
AnonySE26
Credited to AnonySE26
Alldata V0.4.6 is vulnerable to Command execution vulnerability. System commands can be... Critical Unreviewed
CVE-2024-27604 was published Apr 2, 2024
Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution... Critical Unreviewed
CVE-2023-51570 was published Apr 2, 2024
A deserialization vulnerability in the FASTJSON component of Alldata v0.4.6 allows attackers to... Critical Unreviewed
CVE-2024-29433 was published Apr 1, 2024
Deserialization of Untrusted Data vulnerability in Filter Custom Fields & Taxonomies Light.This... Critical Unreviewed
CVE-2024-31094 was published Mar 31, 2024
The Essential Addons for Elementor plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed
CVE-2024-3018 was published Mar 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database