GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
440 advisories
Filter by severity
SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).
This...
High
Unreviewed
CVE-2024-42323
was published
Sep 21, 2024
The WP Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the ...
High
Unreviewed
CVE-2022-2446
was published
Sep 13, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-43464
was published
Sep 10, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38018
was published
Sep 10, 2024
The Attire theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
High
Unreviewed
CVE-2024-7435
was published
Aug 31, 2024
The Betheme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
High
Unreviewed
CVE-2024-2694
was published
Aug 30, 2024
Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote...
High
Unreviewed
CVE-2024-8255
was published
Aug 29, 2024
The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the...
High
Unreviewed
CVE-2022-2440
was published
Aug 29, 2024
The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions...
High
Unreviewed
CVE-2024-7351
was published
Aug 24, 2024
The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7486
was published
Aug 8, 2024
The The Next theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
High
Unreviewed
CVE-2024-7561
was published
Aug 8, 2024
The News Flash theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High
Unreviewed
CVE-2024-7560
was published
Aug 8, 2024
An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an...
High
Unreviewed
CVE-2024-36131
was published
Aug 7, 2024
Deserialization of Untrusted Data vulnerability in CodeSolz Better Find and Replace.This issue...
High
Unreviewed
CVE-2024-39636
was published
Aug 2, 2024
The Flipbox Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up...
High
Unreviewed
CVE-2024-6152
was published
Jul 27, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in...
High
Unreviewed
CVE-2024-6675
was published
Jul 22, 2024
Microsoft SharePoint Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38094
was published
Jul 9, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38023
was published
Jul 9, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38024
was published
Jul 9, 2024
A vulnerability has been identified in SIMATIC STEP 7 Safety V16 (All versions < V16 Update 7),...
High
Unreviewed
CVE-2023-32735
was published
Jul 9, 2024
A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP 7 V16 ...
High
Unreviewed
CVE-2022-45147
was published
Jul 9, 2024
A vulnerability has been identified in SIMATIC STEP 7 Safety V18 (All versions < V18 Update 2)....
High
Unreviewed
CVE-2023-32737
was published
Jul 9, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user...
High
Unreviewed
CVE-2024-36984
was published
Jul 1, 2024
In WhatsUp Gold versions released before 2023.1.3, Distributed Edition installations can be...
High
Unreviewed
CVE-2024-5016
was published
Jun 25, 2024
Deserialization of Untrusted Data vulnerability in Live Composer Team Page Builder: Live Composer...
High
Unreviewed
CVE-2024-35780
was published
Jun 19, 2024
ProTip!
Advisories are also available from the
GraphQL API