GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,372 advisories
The Customizer Export/Import WordPress plugin before 0.9.5 unserializes the content of an...
High · Unreviewed · CVE-2022-3380 was published Oct 31, 2022
The LearnPress WordPress plugin before 4.1.7.2 unserialises user input in a REST API endpoint...
High · Unreviewed · CVE-2022-3360 was published Oct 31, 2022
The Smart Slider 3 WordPress plugin before 3.5.1.11 unserialises the content of an imported file,...
High · Unreviewed · CVE-2022-3357 was published Oct 31, 2022
The PublishPress Capabilities WordPress plugin before 2.5.2, PublishPress Capabilities Pro...
High · Unreviewed · CVE-2022-3366 was published Oct 31, 2022
The Easy WP SMTP WordPress plugin before 1.5.0 unserialises the content of an imported file,...
High · Unreviewed · CVE-2022-3334 was published Oct 31, 2022
The Ocean Extra WordPress plugin before 2.0.5 unserialises the content of an imported file, which...
High · Unreviewed · CVE-2022-3374 was published Oct 31, 2022
A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. An...
High · Unreviewed · CVE-2022-40238 was published Oct 26, 2022
The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 unserialises the content of...
High · Unreviewed · CVE-2022-3335 was published Oct 25, 2022
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability...
High · Unreviewed · CVE-2022-36958 was published Oct 21, 2022
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability...
High · Unreviewed · CVE-2022-38108 was published Oct 21, 2022
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability...
High · Unreviewed · CVE-2022-36957 was published Oct 21, 2022
A deserialization of untrusted data vulnerability was identified in GitHub Enterprise Server that...
High · Unreviewed · CVE-2022-23734 was published Oct 19, 2022
OpenCATS v0.9.6 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical · Unreviewed · CVE-2022-43019 was published Oct 19, 2022
An Improper Input Validation vulnerability in the J-Web component of Juniper Networks Junos OS...
High · Unreviewed · CVE-2022-22241 was published Oct 18, 2022
Phpok 6.1 has a deserialization vulnerability via framework/phpok_call.php.
Critical · Unreviewed · CVE-2022-40889 was published Oct 18, 2022
Serialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15...
Moderate · Unreviewed · CVE-2022-3291 was published Oct 17, 2022
dotPDN Paint.NET before 4.1.2 allows Deserialization of Untrusted Data (issue 1 of 2).
Critical · Unreviewed · CVE-2018-18446 was published Oct 13, 2022
dotPDN Paint.NET before 4.1.2 allows Deserialization of Untrusted Data (issue 2 of 2).
Critical · Unreviewed · CVE-2018-18447 was published Oct 13, 2022
In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could...
High · Unreviewed · CVE-2022-26472 was published Oct 8, 2022
The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services...
Critical · Unreviewed · CVE-2022-31680 was published Oct 8, 2022
In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This...
High · Unreviewed · CVE-2022-26471 was published Oct 8, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability.
High · Unreviewed · CVE-2022-41082 was published Oct 4, 2022
The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an...
High · Unreviewed · CVE-2022-2903 was published Sep 27, 2022
The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation...
Critical · Unreviewed · CVE-2022-39008 was published Sep 17, 2022
The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to...
High · Unreviewed · CVE-2022-2433 was published Sep 7, 2022
ProTip! Advisories are also available from the GraphQL API.