GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
558 advisories
Filter by severity
A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming ...
Critical
Unreviewed
CVE-2024-6794
was published
Jul 22, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that...
Critical
Unreviewed
CVE-2024-6793
was published
Jul 22, 2024
It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access...
Critical
Unreviewed
CVE-2024-28074
was published
Jul 17, 2024
TorrentPier Deserialization of Untrusted Data vulnerability
Critical
CVE-2024-40624
was published
for
torrentpier/torrentpier
(Composer)
Jul 15, 2024
Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote...
Critical
Unreviewed
CVE-2024-5671
was published
Jun 14, 2024
The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products &...
Critical
Unreviewed
CVE-2024-4371
was published
Jun 13, 2024
Untrusted data deserialization vulnerability has been found in Mentor - Employee Portal,...
Critical
Unreviewed
CVE-2024-5675
was published
Jun 6, 2024
Symfony XML decoding attack vector through external entities
Critical
GHSA-mmcv-fvq8-r9x3
was published
for
symfony/symfony
(Composer)
May 30, 2024
Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) server...
Critical
Unreviewed
CVE-2024-29212
was published
May 14, 2024
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2024-28075
was published
May 14, 2024
Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability....
Critical
Unreviewed
CVE-2023-51576
was published
May 3, 2024
Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted...
Critical
Unreviewed
CVE-2023-39475
was published
May 3, 2024
Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote...
Critical
Unreviewed
CVE-2023-39476
was published
May 3, 2024
Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore...
Critical
Unreviewed
CVE-2024-33553
was published
Apr 29, 2024
Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution...
Critical
Unreviewed
CVE-2023-51570
was published
Apr 2, 2024
A deserialization vulnerability in the FASTJSON component of Alldata v0.4.6 allows attackers to...
Critical
Unreviewed
CVE-2024-29433
was published
Apr 1, 2024
Deserialization of Untrusted Data vulnerability in Filter Custom Fields & Taxonomies Light.This...
Critical
Unreviewed
CVE-2024-31094
was published
Mar 31, 2024
Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects...
Critical
Unreviewed
CVE-2024-30225
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in WPDeveloper BetterDocs.This issue affects...
Critical
Unreviewed
CVE-2024-30226
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Hercules Design Hercules Core.This issue...
Critical
Unreviewed
CVE-2024-30228
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX.This issue affects...
Critical
Unreviewed
CVE-2024-30224
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in INFINITUM FORM Geo Controller.This issue...
Critical
Unreviewed
CVE-2024-30227
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects...
Critical
Unreviewed
CVE-2024-30223
was published
Mar 28, 2024
The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied...
Critical
Unreviewed
CVE-2024-2054
was published
Mar 21, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code...
Critical
Unreviewed
CVE-2024-1800
was published
Mar 20, 2024
ProTip!
Advisories are also available from the
GraphQL API