Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,500 advisories

Loading
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2... High Unreviewed
CVE-2024-31903 was published Jan 22, 2025
Deserialization of Untrusted Data vulnerability in NotFound Muzaara Google Ads Report allows... Critical Unreviewed
CVE-2025-23914 was published Jan 22, 2025
Deserialization of Untrusted Data vulnerability in NotFound Quick Count allows Object Injection.... Critical Unreviewed
CVE-2025-23932 was published Jan 22, 2025
Deserialization of Untrusted Data vulnerability in WOOEXIM.COM WOOEXIM allows Object Injection.... High Unreviewed
CVE-2025-23944 was published Jan 22, 2025
The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed
CVE-2025-0429 was published Jan 22, 2025
The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed
CVE-2025-0428 was published Jan 22, 2025
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to... High Unreviewed
CVE-2024-49744 was published Jan 22, 2025
Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This... Critical Unreviewed
CVE-2024-49688 was published Jan 21, 2025
Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This... High Unreviewed
CVE-2024-49699 was published Jan 21, 2025
The String locator plugin for WordPress is vulnerable to PHP Object Injection in all versions up... High Unreviewed
CVE-2024-10936 was published Jan 21, 2025
The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote... High Unreviewed
CVE-2025-0586 was published Jan 20, 2025
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of... High Unreviewed
CVE-2024-12703 was published Jan 17, 2025
Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders Moderate
CVE-2024-56515 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
Microsoft Excel Security Feature Bypass Vulnerability High Unreviewed
CVE-2025-21364 was published Jan 14, 2025
Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and... High Unreviewed
CVE-2024-13163 was published Jan 14, 2025
Rasa Allows Remote Code Execution via Remote Model Loading Critical
CVE-2024-49375 was published for rasa (pip) Jan 14, 2025
Deserialization of Untrusted Data vulnerability in GiveWP GiveWP allows Object Injection.This... Critical Unreviewed
CVE-2025-22777 was published Jan 13, 2025
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP... Critical Unreviewed
CVE-2024-12877 was published Jan 11, 2025
The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin... High Unreviewed
CVE-2024-12627 was published Jan 11, 2025
Deserialization of Untrusted Data vulnerability in Drupal Eloqua allows Object Injection.This... Moderate Unreviewed
CVE-2024-13297 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Node export allows Object Injection... Moderate Unreviewed
CVE-2024-13295 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Mailjet allows Object Injection.This... Moderate Unreviewed
CVE-2024-13296 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection... Moderate Unreviewed
CVE-2024-13288 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Konrad Karpieszuk WC Price History for Omnibus... High Unreviewed
CVE-2025-22510 was published Jan 9, 2025
Apache OpenMeetings vulnerable to Deserialization of Untrusted Data Critical
CVE-2024-54676 was published for org.apache.openmeetings:openmeetings-parent (Maven) Jan 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database