Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

98 advisories

Loading
A vulnerability was found in dayrui XunRuiCMS up to 4.6.4. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-1186 was published Feb 12, 2025
Utilization of a module presented a security risk by allowing the deserialization of untrusted... Moderate Unreviewed
CVE-2021-27017 was published Feb 7, 2025
NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a... Moderate Unreviewed
CVE-2024-0140 was published Jan 28, 2025
Deserialization of Untrusted Data vulnerability in Drupal Node export allows Object Injection... Moderate Unreviewed
CVE-2024-13295 was published Jan 9, 2025
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-13136 was published Jan 5, 2025
Deserialization of Untrusted Data vulnerability in Drupal Mailjet allows Object Injection.This... Moderate Unreviewed
CVE-2024-13296 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Eloqua allows Object Injection.This... Moderate Unreviewed
CVE-2024-13297 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection... Moderate Unreviewed
CVE-2024-13288 was published Jan 9, 2025
Vulnerability of serialization/deserialization mismatch in the vibration framework.Successful... Moderate Unreviewed
CVE-2023-52357 was published Feb 18, 2024
In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due... Moderate Unreviewed
CVE-2023-21206 was published Jun 28, 2023
MENDELSON AS4 before 2024 B376 has a client-side vulnerability when a trading partner provides... Moderate Unreviewed
CVE-2024-39334 was published Jun 24, 2024
Limited remote code execution with privilege of a NetworkService Account access in Citrix Session... Moderate Unreviewed
CVE-2024-8069 was published Nov 12, 2024
A Potential DOS Vulnerability exists in CERT VINCE software prior to version 3.0.8. An... Moderate Unreviewed
CVE-2024-9953 was published Oct 15, 2024
The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in... Moderate Unreviewed
CVE-2021-4451 was published Oct 16, 2024
A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects... Moderate Unreviewed
CVE-2024-9917 was published Oct 13, 2024
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it... Moderate Unreviewed
CVE-2020-0618 was published May 24, 2022
A vulnerability, which was classified as problematic, has been found in DataGear up to 4.5.1.... Moderate Unreviewed
CVE-2023-2042 was published Apr 14, 2023
Microsoft SharePoint Server Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-43466 was published Sep 10, 2024
A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected... Moderate Unreviewed
CVE-2024-8003 was published Aug 20, 2024
The Universal Slider plugin for WordPress is vulnerable to PHP Object Injection in all versions... Moderate Unreviewed
CVE-2024-5649 was published Jun 19, 2024
A vulnerability was found in zmops ArgusDBM up to 0.1.0. It has been classified as critical.... Moderate Unreviewed
CVE-2024-6644 was published Jul 10, 2024
A vulnerability was found in WuKongOpenSource Wukong_nocode up to 20230807. It has been declared... Moderate Unreviewed
CVE-2024-6645 was published Jul 10, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20230922. It... Moderate Unreviewed
CVE-2024-6525 was published Jul 5, 2024
A vulnerability was found in kirilkirkov Ecommerce-Laravel-Bootstrap up to... Moderate Unreviewed
CVE-2024-7067 was published Jul 24, 2024
Deserialization of Untrusted Data vulnerability in MotoPress Timetable and Event Schedule allows... Moderate Unreviewed
CVE-2024-39630 was published Aug 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database