GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
39 advisories
Filter by severity
FileManager Deserialization of Untrusted Data vulnerability
High
CVE-2024-52306
was published
for
backpack/filemanager
(Composer)
Nov 13, 2024
ThinkPHP deserialization vulnerability
High
CVE-2024-48112
was published
for
topthink/thinkphp
(Composer)
Oct 30, 2024
nukeviet Deserialization of Untrusted Data vulnerability
High
CVE-2024-36528
was published
for
nukeviet/nukeviet
(Composer)
Jun 10, 2024
Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS
High
GHSA-ppgf-8745-8pgx
was published
for
typo3/cms
(Composer)
Jun 5, 2024
Insecure Deserialization in TYPO3 CMS
High
GHSA-8h28-f46f-m87h
was published
for
typo3/cms
(Composer)
Jun 5, 2024
TYPO3 Possible Insecure Deserialization in Extbase Request Handling
High
GHSA-5h5v-m596-r6rf
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 CMS Insecure Deserialization
High
GHSA-96jg-pmc4-cx39
was published
for
typo3/cms-core
(Composer)
May 30, 2024
Laravel Cookie serialization vulnerability
High
GHSA-6jvx-8ch9-j2jr
was published
for
laravel/framework
(Composer)
May 15, 2024
Laravel Cookie serialization vulnerability
High
GHSA-2867-6rrm-38gr
was published
for
illuminate/cookie
(Composer)
May 15, 2024
image-optimizer allows PHAR deserialization
High
CVE-2024-34515
was published
for
spatie/image-optimizer
(Composer)
May 5, 2024
timber/timber vulnerable to Deserialization of Untrusted Data
High
CVE-2024-29800
was published
for
timber/timber
(Composer)
Apr 12, 2024
yiisoft/yii deserializing untrusted user input can lead to remote code execution
High
CVE-2023-47130
was published
for
yiisoft/yii
(Composer)
Nov 14, 2023
Prevent RCE when deserializing untrusted user input
High
CVE-2022-41922
was published
for
yiisoft/yii
(Composer)
Nov 21, 2022
Deserialization of Untrusted Data in librenms/librenms
High
CVE-2022-3525
was published
for
librenms/librenms
(Composer)
Nov 20, 2022
melisplatform/melis-cms vulnerable to deserialization of untrusted data
High
CVE-2022-39297
was published
for
melisplatform/melis-cms
(Composer)
Oct 11, 2022
melisplatform/melis-front vulnerable to deserialization of untrusted data
High
CVE-2022-39298
was published
for
melisplatform/melis-front
(Composer)
Oct 11, 2022
Typo3 Vulnerable to Insecure Deserialization
High
CVE-2019-12747
was published
for
typo3/cms
(Composer)
May 24, 2022
TYPO3 Insecure Deserialization in Query Generator & Query View
High
CVE-2019-19849
was published
for
typo3/cms
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability
High
CVE-2019-8141
was published
for
magento/community-edition
(Composer)
May 24, 2022
Pimcore RCE via PHAR upload
High
CVE-2019-16317
was published
for
pimcore/pimcore
(Composer)
May 24, 2022
Shopware Insecure Deserialization Vulnerability
High
CVE-2019-12799
was published
for
shopware/shopware
(Composer)
May 24, 2022
mPDF Unsafe Deserialization
High
CVE-2019-1000005
was published
for
mpdf/mpdf
(Composer)
May 14, 2022
Laravel Framework RCE Vulnerability
High
CVE-2018-15133
was published
for
laravel/framework
(Composer)
May 14, 2022
phpBB Remote Code Execution
High
CVE-2018-19274
was published
for
phpbb/phpbb
(Composer)
May 13, 2022
Pimcore Unserialize Remote Code Execution
High
CVE-2019-10867
was published
for
pimcore/pimcore
(Composer)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API