Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,218 advisories

Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX.This issue affects... Critical Unreviewed
CVE-2024-30224 was published Mar 28, 2024
Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects... Critical Unreviewed
CVE-2024-30225 was published Mar 28, 2024
Deserialization of Untrusted Data vulnerability in GiveWP.This issue affects GiveWP: from n/a... High Unreviewed
CVE-2024-30229 was published Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For... High Unreviewed
CVE-2024-30230 was published Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Hercules Design Hercules Core.This issue... Critical Unreviewed
CVE-2024-30228 was published Mar 28, 2024
Deserialization of Untrusted Data vulnerability in INFINITUM FORM Geo Controller.This issue... Critical Unreviewed
CVE-2024-30227 was published Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects... Critical Unreviewed
CVE-2024-30223 was published Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects... High Unreviewed
CVE-2024-30222 was published Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Echo Plugins Knowledge Base for Documentation,... High Unreviewed
CVE-2024-24842 was published Mar 27, 2024
Deserialization of Untrusted Data vulnerability in WPEverest User Registration.This issue affects... High Unreviewed
CVE-2023-27459 was published Mar 26, 2024
Gadget chain in Symfony 1 due to uncontrolled unserialized input in sfNamespacedParameterHolder Moderate
CVE-2024-28861 was published for friendsofsymfony1/symfony1 (Composer) Mar 22, 2024
darkpills
The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied... Unknown Unreviewed
CVE-2024-2054 was published Mar 21, 2024
`qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary code Moderate
CVE-2024-29032 was published for qiskit-ibm-runtime (pip) Mar 20, 2024
richrines1
Deserialization of Untrusted Data vulnerability in Social Media Share Buttons By Sygnoos Social... High Unreviewed
CVE-2024-2721 was published Mar 20, 2024
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack... High Unreviewed
CVE-2024-1801 was published Mar 20, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code... Critical Unreviewed
CVE-2024-1800 was published Mar 20, 2024
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack... High Unreviewed
CVE-2024-1856 was published Mar 20, 2024
Deserialization of Untrusted Data vulnerability in Themefic Tourfic.This issue affects Tourfic:... High Unreviewed
CVE-2024-29136 was published Mar 19, 2024
Gadget chain in Symfony 1 due to vulnerable Swift Mailer dependency Moderate
CVE-2024-28859 was published for friendsofsymfony1/swiftmailer (Composer) Mar 18, 2024
darkpills
CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code... High Unreviewed
CVE-2024-2229 was published Mar 18, 2024
pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user Critical
CVE-2024-2044 was published for pgAdmin4 (pip) Mar 7, 2024
TheZ3ro
nGrinder before 3.5.9 uses old version of SnakeYAML, which could allow remote attacker to execute... Unknown Unreviewed
CVE-2024-28212 was published Mar 7, 2024
nGrinder vulnerable to unsafe Java objects deserialization High
CVE-2024-28213 was published for org.ngrinder:ngrinder-core (Maven) Mar 7, 2024
nGrinder before 3.5.9 allows connection to malicious JMX/RMI server by default, which could be... Unknown Unreviewed
CVE-2024-28211 was published Mar 7, 2024
Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability High
CVE-2024-26580 was published for org.apache.inlong:manager-common (Maven) Mar 6, 2024
oscerd
ProTip! Advisories are also available from the GraphQL API