Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

398 advisories

Loading
Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This... Critical Unreviewed
CVE-2024-54367 was published Dec 16, 2024
Deserialization of Untrusted Data vulnerability in PickPlugins Mail Picker allows Object... Critical Unreviewed
CVE-2024-54273 was published Dec 13, 2024
Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to... Critical Unreviewed
CVE-2024-49147 was published Dec 12, 2024
Insecure deserialization in Hodoku v2.3.0 to v2.3.2 allows attackers to execute arbitrary code. Critical Unreviewed
CVE-2024-51363 was published Dec 4, 2024
JFinal CMS 5.1.0 is vulnerable to Command Execution via unauthorized execution of deserialization... Critical Unreviewed
CVE-2024-53477 was published Dec 2, 2024
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package... Critical Unreviewed
CVE-2024-52338 was published Nov 28, 2024
Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an... Critical Unreviewed
CVE-2024-11145 was published Nov 26, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It... Critical Unreviewed
CVE-2024-53909 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It... Critical Unreviewed
CVE-2024-53910 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24339. It... Critical Unreviewed
CVE-2024-53911 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24341. It... Critical Unreviewed
CVE-2024-53912 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. It... Critical Unreviewed
CVE-2024-53913 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It... Critical Unreviewed
CVE-2024-53914 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. It... Critical Unreviewed
CVE-2024-53915 was published Nov 24, 2024
The FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP... Critical Unreviewed
CVE-2024-9511 was published Nov 23, 2024
Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-51642 was published Nov 22, 2024
Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-51641 was published Nov 22, 2024
Deserialization of Untrusted Data vulnerability in Nerijus Masikonis Geolocator allows Object... Critical Unreviewed
CVE-2024-52443 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Mark O’Donnell Team Rosters allows Object... Critical Unreviewed
CVE-2024-52439 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Bueno Labs Pvt. Ltd. Xpresslane Fast Checkout... Critical Unreviewed
CVE-2024-52440 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows... Critical Unreviewed
CVE-2024-52432 was published Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection... Critical Unreviewed
CVE-2024-52430 was published Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free... Critical Unreviewed
CVE-2024-52433 was published Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu... Critical Unreviewed
CVE-2024-52414 was published Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Phan An AJAX Random Posts allows Object... Critical Unreviewed
CVE-2024-52409 was published Nov 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database