GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
34 advisories
Filter by severity
OISF suricata-update unsafely deserializes YAML data
High
CVE-2018-1000167
was published
for
suricata-update
(pip)
May 14, 2022
pytorch-lightning is vulnerable to Deserialization of Untrusted Data
High
CVE-2021-4118
was published
for
pytorch-lightning
(pip)
Jan 6, 2022
Deserialization vulnerability exists in parso
High
CVE-2019-12760
was published
for
parso
(pip)
Jun 13, 2019
•
withdrawn
sqlitedict insecure deserialization vulnerability
High
CVE-2024-35515
was published
for
sqlitedict
(pip)
Sep 18, 2024
MindsDB Deserialization of Untrusted Data vulnerability
High
CVE-2024-45855
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Deserialization of Untrusted Data vulnerability
High
CVE-2024-45854
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Deserialization of Untrusted Data vulnerability
High
CVE-2024-45853
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Deserialization of Untrusted Data vulnerability
High
CVE-2024-45852
was published
for
mindsdb
(pip)
Sep 12, 2024
conference-scheduler-cli Arbitrary Code Execution
High
CVE-2018-14572
was published
for
conference-scheduler-cli
(pip)
Oct 29, 2018
Cleanlab Deserialization of Untrusted Data vulnerability
High
CVE-2024-45857
was published
for
cleanlab
(pip)
Sep 12, 2024
Apache Airflow: pickle deserialization vulnerability in XComs
High
CVE-2023-50943
was published
for
apache-airflow
(pip)
Jan 24, 2024
Apache Airflow vulnerable arbitrary code execution via Spark server
High
CVE-2023-40195
was published
for
apache-airflow-providers-apache-spark
(pip)
Aug 28, 2023
CoAPthon3 vulnerable to Deserialization of Untrusted Data
High
CVE-2018-12679
was published
for
CoAPthon3
(pip)
Apr 8, 2019
ntlk unsafe deserialization vulnerability
High
CVE-2024-39705
was published
for
nltk
(pip)
Jun 28, 2024
Apache Avro Java SDK vulnerable to Improper Input Validation
High
CVE-2023-39410
was published
for
avro
(Maven)
Sep 29, 2023
ProTip!
Advisories are also available from the
GraphQL API