GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
457 advisories
The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings,...
High
Unreviewed
CVE-2022-4323 was published Jan 23, 2023
The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings,...
High
Unreviewed
CVE-2022-3425 was published Jan 23, 2023
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The Common...
High
Unreviewed
CVE-2022-45923 was published Jan 19, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21839 was published Jan 18, 2023
The Anti-Malware Security and Brute-Force Firewall WordPress plugin through 4.21.85 is prone to a...
High
Unreviewed
CVE-2022-4327 was published Jan 16, 2023
Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object...
High
Unreviewed
CVE-2023-22850 was published Jan 14, 2023
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied...
High
Unreviewed
CVE-2022-41778 was published Jan 13, 2023
Spitfire CMS 1.0.475 is vulnerable to PHP Object Injection.
High
Unreviewed
CVE-2022-47083 was published Jan 10, 2023
The Starter Templates by Kadence WP WordPress plugin before 1.2.17 unserialises the content of an...
High
Unreviewed
CVE-2022-3679 was published Jan 10, 2023
The WPtouch WordPress plugin before 4.3.45 unserialises the content of an imported settings file,...
High
Unreviewed
CVE-2022-3417 was published Jan 10, 2023
The WP Custom Admin Interface WordPress plugin before 7.29 unserializes user input provided via...
High
Unreviewed
CVE-2022-4043 was published Jan 10, 2023
The White Label CMS WordPress plugin before 2.5 unserializes user input provided via the settings...
High
Unreviewed
CVE-2022-4302 was published Jan 3, 2023
The Welcart e-Commerce WordPress plugin before 2.8.6 does not validate user input before using it...
High
Unreviewed
CVE-2022-4237 was published Jan 3, 2023
The Custom Field Template WordPress plugin before 2.5.8 unserialises the content of an imported...
High
Unreviewed
CVE-2022-4324 was published Jan 3, 2023
The system tool has inconsistent serialization and deserialization. Successful exploitation of...
High
Unreviewed
CVE-2022-41596 was published Dec 20, 2022
The Shortcodes and extra features for Phlox WordPress plugin through 2.10.5 unserializes the...
High
Unreviewed
CVE-2022-3359 was published Dec 12, 2022
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability...
High
Unreviewed
CVE-2022-36964 was published Nov 29, 2022
The Checkout Field Editor (Checkout Manager) for WooCommerce WordPress plugin before 1.8.0...
High
Unreviewed
CVE-2022-3490 was published Nov 28, 2022
The Betheme theme for WordPress is vulnerable to PHP Object Injection in versions up to, and...
High
Unreviewed
CVE-2022-3861 was published Nov 21, 2022
Auth. (subscriber+) PHP Object Injection vulnerability in Betheme theme <= 26.5.1.4 on WordPress.
High
Unreviewed
CVE-2022-45077 was published Nov 18, 2022
In some workflow of SAP BusinessObjects BI Platform (Central Management Console and BI LaunchPad)...
High
Unreviewed
CVE-2022-41203 was published Nov 9, 2022
In telephony, there is a possible permission bypass due to a parcel format mismatch. This could...
High
Unreviewed
CVE-2022-32601 was published Nov 9, 2022
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run...
High
Unreviewed
CVE-2022-43567 was published Nov 5, 2022
The Customizer Export/Import WordPress plugin before 0.9.5 unserializes the content of an...
High
Unreviewed
CVE-2022-3380 was published Oct 31, 2022
The Ocean Extra WordPress plugin before 2.0.5 unserialises the content of an imported file, which...
High
Unreviewed
CVE-2022-3374 was published Oct 31, 2022
ProTip! Advisories are also available from the GraphQL API.