GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,204
Composer 4,097
Erlang 29
GitHub Actions 19
Go 1,925
Maven 5,117
npm 3,657
NuGet 638
pip 3,264
Pub 10
RubyGems 873
Rust 823
Swift 35

Unreviewed advisories

All unreviewed 229,369

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,351 advisories

Filter by severity

Sort by

Least recently updated

By-passing Protection of PharStreamWrapper Interceptor Moderate

GHSA-4v5g-8pq2-32m2 was published for typo3/phar-stream-wrapper (Composer) Jun 5, 2024

Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS High

GHSA-ppgf-8745-8pgx was published for typo3/cms (Composer) Jun 5, 2024

Insecure Deserialization in TYPO3 CMS High

GHSA-8h28-f46f-m87h was published for typo3/cms (Composer) Jun 5, 2024

Skops unsafe deserialization High

CVE-2024-37065 was published for skops (pip) Jun 4, 2024

MLFlow unsafe deserialization High

CVE-2024-37060 was published for mlflow (pip) Jun 4, 2024

MLFlow unsafe deserialization High

CVE-2024-37059 was published for mlflow (pip) Jun 4, 2024

MLFlow unsafe deserialization High

CVE-2024-37058 was published for mlflow (pip) Jun 4, 2024

MLFlow unsafe deserialization High

CVE-2024-37057 was published for mlflow (pip) Jun 4, 2024

ydata unsafe deserialization High

CVE-2024-37062 was published for ydata-profiling (pip) Jun 4, 2024

ydata unsafe deserialization High

CVE-2024-37064 was published for ydata-profiling (pip) Jun 4, 2024

MLFlow unsafe deserialization High

CVE-2024-37056 was published for mlflow (pip) Jun 4, 2024

MLFlow unsafe deserialization High

CVE-2024-37052 was published for mlflow (pip) Jun 4, 2024

MLFlow unsafe deserialization High

CVE-2024-37055 was published for mlflow (pip) Jun 4, 2024

MLFlow unsafe deserialization High

CVE-2024-37054 was published for mlflow (pip) Jun 4, 2024

MLFlow unsafe deserialization High

CVE-2024-37053 was published for mlflow (pip) Jun 4, 2024

TYPO3 Possible Insecure Deserialization in Extbase Request Handling High

GHSA-5h5v-m596-r6rf was published for typo3/cms-core (Composer) May 30, 2024

TYPO3 CMS Insecure Deserialization High

GHSA-96jg-pmc4-cx39 was published for typo3/cms-core (Composer) May 30, 2024

Symfony XML decoding attack vector through external entities Critical

GHSA-mmcv-fvq8-r9x3 was published for symfony/symfony (Composer) May 30, 2024

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is... High Unreviewed

CVE-2024-4978 was published May 23, 2024

OpenBD 20210306203917-6cbe797 is vulnerable to Deserialization of Untrusted Data. The cookies... Low Unreviewed

CVE-2024-34274 was published May 21, 2024

IBM i 7.2, 7.3, and 7.4 could allow a remote attacker to execute arbitrary code leading to a... High Unreviewed

CVE-2024-31879 was published May 18, 2024

Deserialization of Untrusted Data vulnerability in WebToffee Order Export & Order Import for... Moderate Unreviewed

CVE-2024-34751 was published May 16, 2024

Laravel Cookie serialization vulnerability High

GHSA-6jvx-8ch9-j2jr was published for laravel/framework (Composer) May 15, 2024

Laravel Cookie serialization vulnerability High

GHSA-2867-6rrm-38gr was published for illuminate/cookie (Composer) May 15, 2024

In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.2.514), a code execution... High Unreviewed

CVE-2024-4200 was published May 15, 2024

Previous 1 2 3 4 5 6 7 … 54 55 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,351 advisories