Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

612 advisories

Loading
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. It... Critical Unreviewed
CVE-2024-53913 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It... Critical Unreviewed
CVE-2024-53914 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24341. It... Critical Unreviewed
CVE-2024-53912 was published Nov 24, 2024
Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an... Critical Unreviewed
CVE-2024-11145 was published Nov 26, 2024
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package... Critical Unreviewed
CVE-2024-52338 was published Nov 28, 2024
Insecure deserialization in Hodoku v2.3.0 to v2.3.2 allows attackers to execute arbitrary code. Critical Unreviewed
CVE-2024-51363 was published Dec 4, 2024
JFinal CMS 5.1.0 is vulnerable to Command Execution via unauthorized execution of deserialization... Critical Unreviewed
CVE-2024-53477 was published Dec 2, 2024
Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to... Critical Unreviewed
CVE-2024-49147 was published Dec 12, 2024
Deserialization of Untrusted Data vulnerability in PickPlugins Mail Picker allows Object... Critical Unreviewed
CVE-2024-54273 was published Dec 13, 2024
Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This... Critical Unreviewed
CVE-2024-54367 was published Dec 16, 2024
Deserialization of Untrusted Data vulnerability in Gueststream VRPConnector allows Object... Critical Unreviewed
CVE-2024-56058 was published Dec 18, 2024
A deserialization of untrusted data vulnerability with a malicious payload can allow an... Critical Unreviewed
CVE-2024-40711 was published Sep 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database