Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

141 advisories

Loading
A vulnerability, which was classified as critical, has been found in fhs-opensource iparking 1.5... Moderate Unreviewed
CVE-2024-0302 was published Jan 8, 2024
Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue... Moderate Unreviewed
CVE-2023-36381 was published Dec 28, 2023
Deserialization of Untrusted Data vulnerability in File Manager by Bit Form Team File Manager –... Moderate Unreviewed
CVE-2022-47599 was published Dec 20, 2023
Deserialization of Untrusted Data vulnerability in weDevs Dokan – Best WooCommerce Multivendor... Moderate Unreviewed
CVE-2023-34382 was published Dec 19, 2023
Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for... Moderate Unreviewed
CVE-2023-46154 was published Dec 19, 2023
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res... Moderate Unreviewed
CVE-2023-6656 was published Dec 10, 2023
PHPEMS Deserialization of Untrusted Data vulnerability Moderate
CVE-2023-6654 was published for phpems/phpems (Composer) Dec 10, 2023
Elasticsearch-hadoop Unsafe Deserialization Moderate
CVE-2023-46674 was published for org.elasticsearch:elasticsearch-hadoop (Maven) Dec 5, 2023
In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe... Moderate Unreviewed
CVE-2023-40121 was published Oct 27, 2023
In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for... Moderate Unreviewed
CVE-2023-34050 was published Oct 19, 2023
A vulnerability was found in spider-flow up to 0.5.0. It has been declared as critical. Affected... Moderate Unreviewed
CVE-2023-5016 was published Sep 17, 2023
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue... Moderate Unreviewed
CVE-2023-32665 was published Sep 14, 2023
Drools Core Deserialization of Untrusted Data vulnerability Moderate
CVE-2022-1415 was published for org.drools:drools-core (Maven) Sep 11, 2023
Apache Superset Deserialization of Untrusted Data vulnerability Moderate
CVE-2023-37941 was published for apache-superset (pip) Sep 6, 2023
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1... Moderate Unreviewed
CVE-2023-24971 was published Jul 31, 2023
Apache Johnzon Deserialization of Untrusted Data vulnerability Moderate
CVE-2023-33008 was published for org.apache.johnzon:johnzon-mapper (Maven) Jul 7, 2023
In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to... Moderate Unreviewed
CVE-2023-21205 was published Jun 28, 2023
In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due... Moderate Unreviewed
CVE-2023-21206 was published Jun 28, 2023
In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe... Moderate Unreviewed
CVE-2023-21209 was published Jun 28, 2023
Whaleal IceFrog is vulnerable to deserialization Moderate
CVE-2023-3308 was published for com.whaleal.icefrog:icefrog-all (Maven) Jun 18, 2023
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been declared as problematic.... Moderate Unreviewed
CVE-2023-3234 was published Jun 14, 2023
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. This issue... Moderate Unreviewed
CVE-2023-3232 was published Jun 14, 2023
Apache NiFi vulnerable to Deserialization of Untrusted Data Moderate
CVE-2023-34212 was published for org.apache.nifi:nifi-jms-bundle (Maven) Jun 12, 2023
Kredis JSON Possible Deserialization of Untrusted Data Vulnerability Moderate
CVE-2023-27531 was published for kredis (RubyGems) Jun 9, 2023
Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash Moderate
CVE-2021-32742 was published for github.com/vapor/vapor (Swift) Jun 9, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database