Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,372 advisories

Loading
The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in... Critical Unreviewed
CVE-2020-36718 was published Jun 7, 2023
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before... High Unreviewed
CVE-2023-2288 was published May 30, 2023
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP... High Unreviewed
CVE-2023-2500 was published May 25, 2023
Deserialization of Untrusted Data in Sitecore Experience Platform through 10.2 allows remote... Critical Unreviewed
CVE-2023-27068 was published May 23, 2023
IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due... Critical Unreviewed
CVE-2023-32336 was published May 22, 2023
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings,... High Unreviewed
CVE-2023-1549 was published May 15, 2023
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with... High Unreviewed
CVE-2023-20878 was published May 12, 2023
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2... High Unreviewed
CVE-2023-30899 was published May 9, 2023
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2... High Unreviewed
CVE-2023-30898 was published May 9, 2023
The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX... Critical Unreviewed
CVE-2023-1650 was published May 8, 2023
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via... High Unreviewed
CVE-2023-1347 was published May 8, 2023
The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5... High Unreviewed
CVE-2023-1196 was published May 2, 2023
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings,... High Unreviewed
CVE-2023-1669 was published May 2, 2023
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently... Critical Unreviewed
CVE-2023-1967 was published Apr 28, 2023
aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ... Critical Unreviewed
CVE-2023-20853 was published Apr 27, 2023
aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ... Critical Unreviewed
CVE-2023-20852 was published Apr 27, 2023
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could... High Unreviewed
CVE-2023-2141 was published Apr 21, 2023
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated,... Critical Unreviewed
CVE-2023-20864 was published Apr 20, 2023
A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to... Critical Unreviewed
CVE-2021-28254 was published Apr 19, 2023
A vulnerability, which was classified as problematic, has been found in DataGear up to 4.5.1.... Moderate Unreviewed
CVE-2023-2042 was published Apr 14, 2023
The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before... High Unreviewed
CVE-2023-1381 was published Apr 10, 2023
** UNSUPPORTED WHEN ASSIGNED ** A Java insecure deserialization vulnerability in Adobe LiveCycle... Critical Unreviewed
CVE-2023-28500 was published Apr 6, 2023
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could... High Unreviewed
CVE-2023-20102 was published Apr 5, 2023
Deserialization of Untrusted Data in GitHub repository microweber/microweber prior to 1.3.3. Unknown Unreviewed
CVE-2023-1876 was published Apr 5, 2023
An issue found in Zend Framework v.3.1.3 and before allow a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2020-29312 was published Apr 4, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database