Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,434 advisories

Loading
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package... Critical Unreviewed
CVE-2024-52338 was published Nov 28, 2024
logback serialization vulnerability High
CVE-2023-6378 was published for ch.qos.logback:logback-classic (Maven) Nov 29, 2023
jakehall-gocity bvahdat
mpenttila liaodaniel peppers-joseph
A java deserialization vulnerability in HPE Remote Insight Support allows an unauthenticated... High Unreviewed
CVE-2024-53673 was published Nov 27, 2024
Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an... Critical Unreviewed
CVE-2024-11145 was published Nov 26, 2024
Apache Spark Deserialization of Untrusted Data vulnerability High
CVE-2017-12612 was published for org.apache.spark:spark-core_2.10 (Maven) Nov 9, 2018
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It... Critical Unreviewed
CVE-2024-53909 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24341. It... Critical Unreviewed
CVE-2024-53912 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. It... Critical Unreviewed
CVE-2024-53915 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It... Critical Unreviewed
CVE-2024-53910 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24339. It... Critical Unreviewed
CVE-2024-53911 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It... Critical Unreviewed
CVE-2024-53914 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. It... Critical Unreviewed
CVE-2024-53913 was published Nov 24, 2024
H2O vulnerable to Deserialization of Untrusted Data High
CVE-2024-6960 was published for ai.h2o:h2o-core (Maven) Jul 21, 2024
Quarkus Improper Handling of Insufficient Permissions or Privileges and Improper Handling of Exceptional Conditions vulnerability High
CVE-2023-6267 was published for io.quarkus.resteasy.reactive:resteasy-reactive (Maven) Jan 25, 2024
The FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP... Critical Unreviewed
CVE-2024-9511 was published Nov 23, 2024
Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2024-11392 was published Nov 23, 2024
Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code... High Unreviewed
CVE-2024-11393 was published Nov 23, 2024
Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2024-11394 was published Nov 23, 2024
Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-5579 was published Nov 22, 2024
Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-51641 was published Nov 22, 2024
Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-51642 was published Nov 22, 2024
Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-5580 was published Nov 22, 2024
transformers has a Deserialization of Untrusted Data vulnerability High
CVE-2023-7018 was published for transformers (pip) Dec 20, 2023
transformers has a Deserialization of Untrusted Data vulnerability Critical
CVE-2023-6730 was published for transformers (pip) Dec 19, 2023
PyDrive2's unsafe YAML deserialization in LoadSettingsFile allows arbitrary code execution Low
CVE-2023-49297 was published for PyDrive2 (pip) Dec 5, 2023
ejedev
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database