Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,435 advisories

Loading
A deserialization vulnerability in the FASTJSON component of Alldata v0.4.6 allows attackers to... Critical Unreviewed
CVE-2024-29433 was published Apr 1, 2024
The Attire theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed
CVE-2024-7435 was published Aug 31, 2024
The Events Calendar Pro plugin for WordPress is vulnerable to PHP Object Injection in all... Critical Unreviewed
CVE-2024-8016 was published Aug 30, 2024
The Betheme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed
CVE-2024-2694 was published Aug 30, 2024
Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This... Critical Unreviewed
CVE-2024-43931 was published Aug 29, 2024
The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the... High Unreviewed
CVE-2022-2440 was published Aug 29, 2024
Deserialization of Untrusted Data in Liferay Portal Critical
CVE-2020-7961 was published for com.liferay.portal:com.liferay.portal.kernel (Maven) May 24, 2022
amuravski liefke
The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store... Critical Unreviewed
CVE-2024-8030 was published Aug 28, 2024
Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks... High Unreviewed
CVE-2024-24725 was published Mar 24, 2024
An issue in WuKongOpenSource WukongCRM v.72crm_9.0.1_20191202 allows a remote attacker to execute... Critical Unreviewed
CVE-2024-23052 was published Feb 29, 2024
ntlk unsafe deserialization vulnerability High
CVE-2024-39705 was published for nltk (pip) Jun 28, 2024
justinrosenthal ekaf
The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions... High Unreviewed
CVE-2024-7351 was published Aug 24, 2024
Apache James server: Privilege escalation via JMX pre-authentication deserialization Critical
CVE-2023-51518 was published for org.apache.james:james-server (Maven) Feb 27, 2024
oscerd
nGrinder vulnerable to unsafe Java objects deserialization Critical
CVE-2024-28213 was published for org.ngrinder:ngrinder-core (Maven) Mar 7, 2024
nukeviet Deserialization of Untrusted Data vulnerability High
CVE-2024-36528 was published for nukeviet/nukeviet (Composer) Jun 10, 2024
image-optimizer allows PHAR deserialization High
CVE-2024-34515 was published for spatie/image-optimizer (Composer) May 5, 2024
The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store... Critical Unreviewed
CVE-2024-5335 was published Aug 21, 2024
A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected... Moderate Unreviewed
CVE-2024-8003 was published Aug 20, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP... Critical Unreviewed
CVE-2024-5932 was published Aug 20, 2024
Deserialization of Untrusted Data vulnerability in myCred allows Object Injection.This issue... Critical Unreviewed
CVE-2024-43354 was published Aug 19, 2024
Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro allows Object... Critical Unreviewed
CVE-2024-43242 was published Aug 19, 2024
Deserialization of Untrusted Data vulnerability in Crew HRM allows Object Injection.This issue... Critical Unreviewed
CVE-2024-43252 was published Aug 19, 2024
Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This... Critical Unreviewed
CVE-2024-37099 was published Aug 19, 2024
The Photo Video Gallery Master plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed
CVE-2024-5724 was published Jun 19, 2024
The Universal Slider plugin for WordPress is vulnerable to PHP Object Injection in all versions... Moderate Unreviewed
CVE-2024-5649 was published Jun 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database