Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

661 advisories

Loading
In writeToParcel of MediaPlayer.java, there is a possible serialization/deserialization mismatch... High Unreviewed
CVE-2018-9474 was published Nov 20, 2024
The Clone plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed
CVE-2024-10913 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Modeltheme QRMenu Restaurant QR Menu Lite... High Unreviewed
CVE-2024-52445 was published Nov 20, 2024
There exists a code execution vulnerability in the Car App Android Jetpack Library. In the... High Unreviewed
CVE-2024-10382 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Apache HertzBeat. This vulnerability can only... High Unreviewed
CVE-2024-41151 was published Nov 18, 2024
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-10962 was published Nov 14, 2024
FileManager Deserialization of Untrusted Data vulnerability High
CVE-2024-52306 was published for backpack/filemanager (Composer) Nov 13, 2024
catferq
In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to... High Unreviewed
CVE-2024-43080 was published Nov 13, 2024
In Progress Telerik UI for WinForms versions prior to 2024 Q4 (2024.4.1113), a code execution... High Unreviewed
CVE-2024-10013 was published Nov 13, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1111), a code execution attack... High Unreviewed
CVE-2024-10012 was published Nov 13, 2024
The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-10828 was published Nov 13, 2024
A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM... High Unreviewed
CVE-2023-32736 was published Nov 12, 2024
XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream High
CVE-2024-47072 was published for com.thoughtworks.xstream:xstream (Maven) Nov 7, 2024
DarkaMaul
Apache Lucene.Net.Replicator Deserialization of Untrusted Data vulnerability High
CVE-2024-43383 was published for Lucene.Net.Replicator (NuGet) Oct 31, 2024
ThinkPHP deserialization vulnerability High
CVE-2024-48112 was published for topthink/thinkphp (Composer) Oct 30, 2024
Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for... High Unreviewed
CVE-2024-50416 was published Oct 28, 2024
Deserialization of Untrusted Data vulnerability in Kiboko Labs Namaste! LMS allows Object... High Unreviewed
CVE-2024-50408 was published Oct 28, 2024
Deserialization of Untrusted Data vulnerability in Revmakx Backup and Staging by WP Time Capsule... High Unreviewed
CVE-2024-49684 was published Oct 23, 2024
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up... High Unreviewed
CVE-2024-10079 was published Oct 18, 2024
Deserialization of Untrusted Data vulnerability in TAKETIN TAKETIN To WP Membership allows Object... High Unreviewed
CVE-2024-49226 was published Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Innovaweb Sp. Z o.O. Free Stock Photos Foter... High Unreviewed
CVE-2024-49227 was published Oct 16, 2024
In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does... High Unreviewed
CVE-2024-45733 was published Oct 14, 2024
CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be... High Unreviewed
CVE-2024-9005 was published Oct 8, 2024
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-9314 was published Oct 5, 2024
The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to,... High Unreviewed
CVE-2024-7433 was published Oct 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database