Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

935 advisories

Loading
Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows... High Unreviewed
CVE-2024-12687 was published Dec 16, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack... High Unreviewed
CVE-2024-10095 was published Dec 16, 2024
Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This... Critical Unreviewed
CVE-2024-54367 was published Dec 16, 2024
Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu allows Object Injection... High Unreviewed
CVE-2024-54282 was published Dec 13, 2024
Deserialization of Untrusted Data vulnerability in PickPlugins Mail Picker allows Object... Critical Unreviewed
CVE-2024-54273 was published Dec 13, 2024
Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows... High Unreviewed
CVE-2024-11839 was published Dec 13, 2024
Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to... Critical Unreviewed
CVE-2024-49147 was published Dec 12, 2024
The Print Science Designer plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed
CVE-2024-12312 was published Dec 12, 2024
Microsoft/Muzic Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49063 was published Dec 12, 2024
Microsoft SharePoint Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49070 was published Dec 12, 2024
GFI Archiver Core Service Deserialization of Untrusted Data Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-11947 was published Dec 12, 2024
GFI Archiver Store Service Deserialization of Untrusted Data Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-11949 was published Dec 12, 2024
JFinal CMS 5.1.0 is vulnerable to Command Execution via unauthorized execution of deserialization... Critical Unreviewed
CVE-2024-53477 was published Dec 2, 2024
Insecure deserialization in Hodoku v2.3.0 to v2.3.2 allows attackers to execute arbitrary code. Critical Unreviewed
CVE-2024-51363 was published Dec 4, 2024
In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.2.461 and 3.7... High Unreviewed
CVE-2024-53247 was published Dec 10, 2024
A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM... High Unreviewed
CVE-2024-49849 was published Dec 10, 2024
The Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed
CVE-2024-11501 was published Dec 7, 2024
Vulnerability of serialization/deserialization mismatch in the vibration framework.Successful... Moderate Unreviewed
CVE-2023-52357 was published Feb 18, 2024
In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due... Moderate Unreviewed
CVE-2023-21206 was published Jun 28, 2023
The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms... High Unreviewed
CVE-2024-10587 was published Dec 4, 2024
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package... Critical Unreviewed
CVE-2024-52338 was published Nov 28, 2024
A java deserialization vulnerability in HPE Remote Insight Support allows an unauthenticated... High Unreviewed
CVE-2024-53673 was published Nov 27, 2024
Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an... Critical Unreviewed
CVE-2024-11145 was published Nov 26, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It... Critical Unreviewed
CVE-2024-53909 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It... Critical Unreviewed
CVE-2024-53910 was published Nov 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database