GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,816

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,372 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability... High Unreviewed

CVE-2022-47503 was published Feb 15, 2023

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability... High Unreviewed

CVE-2022-47504 was published Feb 15, 2023

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability... High Unreviewed

CVE-2022-47507 was published Feb 15, 2023

SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of... High Unreviewed

CVE-2023-23836 was published Feb 15, 2023

The ImageMagick Engine plugin for WordPress is vulnerable to deserialization of untrusted input... High Unreviewed

CVE-2022-3568 was published Feb 10, 2023

The HUSKY WordPress plugin before 1.3.2 unserializes user input provided via the settings, which... High Unreviewed

CVE-2022-4489 was published Feb 6, 2023

vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code... Critical Unreviewed

CVE-2023-25135 was published Feb 3, 2023

A CWE 502: Deserialization of Untrusted Data vulnerability exists that could allow code to be... Critical Unreviewed

CVE-2022-32521 was published Jan 31, 2023

The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the... High Unreviewed

CVE-2022-4680 was published Jan 30, 2023

vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor... High Unreviewed

CVE-2022-31710 was published Jan 26, 2023

The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings,... High Unreviewed

CVE-2022-4323 was published Jan 23, 2023

The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings,... High Unreviewed

CVE-2022-3425 was published Jan 23, 2023

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The Common... High Unreviewed

CVE-2022-45923 was published Jan 19, 2023

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed

CVE-2023-21839 was published Jan 18, 2023

The Anti-Malware Security and Brute-Force Firewall WordPress plugin through 4.21.85 is prone to a... High Unreviewed

CVE-2022-4327 was published Jan 16, 2023

A vulnerability, which was classified as critical, has been found in abhilash1985 PredictApp.... Critical Unreviewed

CVE-2022-4890 was published Jan 16, 2023

Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object... High Unreviewed

CVE-2023-22850 was published Jan 14, 2023

The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by... Critical Unreviewed

CVE-2022-46478 was published Jan 13, 2023

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied... High Unreviewed

CVE-2022-41778 was published Jan 13, 2023

Spitfire CMS 1.0.475 is vulnerable to PHP Object Injection. High Unreviewed

CVE-2022-47083 was published Jan 10, 2023

The Starter Templates by Kadence WP WordPress plugin before 1.2.17 unserialises the content of an... High Unreviewed

CVE-2022-3679 was published Jan 10, 2023

The WPtouch WordPress plugin before 4.3.45 unserialises the content of an imported settings file,... High Unreviewed

CVE-2022-3417 was published Jan 10, 2023

The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via... High Unreviewed

CVE-2022-4043 was published Jan 10, 2023

The White Label CMS WordPress plugin before 2.5 unserializes user input provided via the settings... High Unreviewed

CVE-2022-4302 was published Jan 3, 2023

The Custom Field Template WordPress plugin before 2.5.8 unserialises the content of an imported... High Unreviewed

CVE-2022-4324 was published Jan 3, 2023

Previous 1…36…55 Next

Previous 1 2 … 34 35 36 37 38 … 54 55 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,372 advisories