Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,164
Erlang
30
GitHub Actions
19
Go
1,973
Maven
5,000+
npm
3,695
NuGet
654
pip
3,312
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,384 advisories

Loading
Apache Lucene.Net.Replicator Deserialization of Untrusted Data vulnerability High
CVE-2024-43383 was published for Lucene.Net.Replicator (NuGet) Oct 31, 2024
ThinkPHP deserialization vulnerability High
CVE-2024-48112 was published for topthink/thinkphp (Composer) Oct 30, 2024
Delta Electronics InfraSuite Device Master versions prior to 1.0.12 are affected by a... Critical Unreviewed
CVE-2024-10456 was published Oct 30, 2024
Deserialization of Untrusted Data vulnerability in Daniel Schmitzer DS.DownloadList allows Object... Critical Unreviewed
CVE-2024-50507 was published Oct 30, 2024
A Deserialization of Untrusted Data vulnerability in chainer v7.8.1.post1 leads to execution of... Critical Unreviewed
CVE-2024-48206 was published Oct 29, 2024
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. Critical Unreviewed
CVE-2024-48063 was published Oct 29, 2024
Deserialization of Untrusted Data vulnerability in Kiboko Labs Namaste! LMS allows Object... High Unreviewed
CVE-2024-50408 was published Oct 28, 2024
Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for... High Unreviewed
CVE-2024-50416 was published Oct 28, 2024
Deserialization of Untrusted Data vulnerability in Revmakx Backup and Staging by WP Time Capsule... High Unreviewed
CVE-2024-49684 was published Oct 23, 2024
Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows... Critical Unreviewed
CVE-2024-49624 was published Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components... Critical Unreviewed
CVE-2024-49625 was published Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management allows... Critical Unreviewed
CVE-2024-49626 was published Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This... Critical Unreviewed
CVE-2024-49332 was published Oct 20, 2024
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up... High Unreviewed
CVE-2024-10079 was published Oct 18, 2024
Deserialization of Untrusted Data vulnerability in Scott Olson My Reading Library allows Object... Critical Unreviewed
CVE-2024-49318 was published Oct 17, 2024
Admidio Vulnerable to HTML Injection In The Messages Section Low
CVE-2024-47836 was published for admidio/admidio (Composer) Oct 16, 2024
Kakashi1234
Deserialization of Untrusted Data vulnerability in Grayson Robbins Disc Golf Manager allows... Critical Unreviewed
CVE-2024-48026 was published Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently allows Object... Critical Unreviewed
CVE-2024-49218 was published Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 allows Object Injection... Critical Unreviewed
CVE-2024-48028 was published Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Gabriele Valenti Telecash Ricaricaweb allows... Critical Unreviewed
CVE-2024-48030 was published Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Innovaweb Sp. Z o.O. Free Stock Photos Foter... High Unreviewed
CVE-2024-49227 was published Oct 16, 2024
Deserialization of Untrusted Data vulnerability in TAKETIN TAKETIN To WP Membership allows Object... High Unreviewed
CVE-2024-49226 was published Oct 16, 2024
The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in... Moderate Unreviewed
CVE-2021-4451 was published Oct 16, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP... Critical Unreviewed
CVE-2024-9634 was published Oct 16, 2024
A Potential DOS Vulnerability exists in CERT VINCE software prior to version 3.0.8. An... Moderate Unreviewed
CVE-2024-9953 was published Oct 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database