GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
686 advisories
Filter by severity
The Clone plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
High
Unreviewed
CVE-2024-10913
was published
Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Modeltheme QRMenu Restaurant QR Menu Lite...
High
Unreviewed
CVE-2024-52445
was published
Nov 20, 2024
There exists a code execution vulnerability in the Car App Android Jetpack Library. In the...
High
Unreviewed
CVE-2024-10382
was published
Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Apache HertzBeat.
This vulnerability can only...
High
Unreviewed
CVE-2024-41151
was published
Nov 18, 2024
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object...
High
Unreviewed
CVE-2024-10962
was published
Nov 14, 2024
FileManager Deserialization of Untrusted Data vulnerability
High
CVE-2024-52306
was published
for
backpack/filemanager
(Composer)
Nov 13, 2024
In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to...
High
Unreviewed
CVE-2024-43080
was published
Nov 13, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1111), a code execution attack...
High
Unreviewed
CVE-2024-10012
was published
Nov 13, 2024
In Progress Telerik UI for WinForms versions prior to 2024 Q4 (2024.4.1113), a code execution...
High
Unreviewed
CVE-2024-10013
was published
Nov 13, 2024
The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object...
High
Unreviewed
CVE-2024-10828
was published
Nov 13, 2024
A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM...
High
Unreviewed
CVE-2023-32736
was published
Nov 12, 2024
XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream
High
CVE-2024-47072
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Nov 7, 2024
Apache Lucene.Net.Replicator Deserialization of Untrusted Data vulnerability
High
CVE-2024-43383
was published
for
Lucene.Net.Replicator
(NuGet)
Oct 31, 2024
ThinkPHP deserialization vulnerability
High
CVE-2024-48112
was published
for
topthink/thinkphp
(Composer)
Oct 30, 2024
Deserialization of Untrusted Data vulnerability in Kiboko Labs Namaste! LMS allows Object...
High
Unreviewed
CVE-2024-50408
was published
Oct 28, 2024
Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for...
High
Unreviewed
CVE-2024-50416
was published
Oct 28, 2024
Deserialization of Untrusted Data vulnerability in Revmakx Backup and Staging by WP Time Capsule...
High
Unreviewed
CVE-2024-49684
was published
Oct 23, 2024
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up...
High
Unreviewed
CVE-2024-10079
was published
Oct 18, 2024
Deserialization of Untrusted Data vulnerability in TAKETIN TAKETIN To WP Membership allows Object...
High
Unreviewed
CVE-2024-49226
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Innovaweb Sp. Z o.O. Free Stock Photos Foter...
High
Unreviewed
CVE-2024-49227
was published
Oct 16, 2024
In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does...
High
Unreviewed
CVE-2024-45733
was published
Oct 14, 2024
CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be...
High
Unreviewed
CVE-2024-9005
was published
Oct 8, 2024
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9314
was published
Oct 5, 2024
The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7433
was published
Oct 1, 2024
The UltraPress theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7434
was published
Oct 1, 2024
ProTip!
Advisories are also available from the
GraphQL API