GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories: All reviewed 5,000+ | Composer 3,683 | Erlang 29 | GitHub Actions 16 | Go 1,708 | Maven 4,944 | npm 3,473 | NuGet 603 | pip 2,995 | Pub 10 | RubyGems 826 | Rust 773 | Swift 34
Unreviewed advisories: All unreviewed 5,000+
1,218 advisories

The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability....
High | Unreviewed | CVE-2024-0692 was published Mar 1, 2024

Apache James server: Privilege escalation via JMX pre-authentication deserialization
Moderate | CVE-2023-51518 was published for org.apache.james:james-server (Maven) Feb 27, 2024

A vulnerability, which was classified as critical, was found in TemmokuMVC up to 2.3. Affected is...
Moderate | Unreviewed | CVE-2024-1750 was published Feb 22, 2024

A vulnerability classified as critical was found in van_der_Schaar LAB AutoPrognosis 0.1.21. This...
Moderate | Unreviewed | CVE-2024-1748 was published Feb 22, 2024

Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE
Critical | GHSA-97m3-52wr-xvv2 was published for phenx/php-svg-lib (Composer) Feb 22, 2024

php-svg-lib lacks path validation on font through SVG inline styles
Moderate | CVE-2024-25117 was published for phenx/php-svg-lib (Composer) Feb 21, 2024

Deserialization of Untrusted Data in Apache Camel SQL
High | CVE-2024-22369 was published for org.apache.camel:camel-sql (Maven) Feb 20, 2024

Deserialization of Untrusted Data in Apache Camel CassandraQL
High | CVE-2024-23114 was published for org.apache.camel:camel-cassandraql (Maven) Feb 20, 2024

Deserialization of Untrusted Data in Torrentpier
Critical | CVE-2024-1651 was published for torrentpier/torrentpier (Composer) Feb 20, 2024

The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution...
Critical | Unreviewed | CVE-2023-40057 was published Feb 15, 2024

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution...
High | Unreviewed | CVE-2024-23478 was published Feb 15, 2024

Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose...
High | Unreviewed | CVE-2024-24926 was published Feb 12, 2024

Deserialization of Untrusted Data vulnerability in Kalli Dan. KD Coming Soon. This issue affects...
Moderate | Unreviewed | CVE-2023-46615 was published Feb 12, 2024

Deserialization of Untrusted Data vulnerability in wpxpo ProductX – WooCommerce Builder &...
High | Unreviewed | CVE-2024-23512 was published Feb 12, 2024

Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program. This issue...
Critical | Unreviewed | CVE-2024-25100 was published Feb 12, 2024

Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed – Essential Real...
Critical | Unreviewed | CVE-2024-24797 was published Feb 12, 2024

Deserialization of Untrusted Data vulnerability in PropertyHive. This issue affects PropertyHive:...
High | Unreviewed | CVE-2024-23513 was published Feb 12, 2024

Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets...
High | Unreviewed | CVE-2024-24796 was published Feb 12, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res...
Moderate | Unreviewed | CVE-2024-1432 was published Feb 11, 2024

A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. Affected...
Moderate | Unreviewed | CVE-2024-1353 was published Feb 9, 2024

Allegro AI ClearML vulnerable to deserialization of untrusted data
High | CVE-2024-24590 was published for clearml (pip) Feb 6, 2024

The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all...
Moderate | Unreviewed | CVE-2024-0668 was published Feb 6, 2024

The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all...
Critical | Unreviewed | CVE-2023-6933 was published Feb 6, 2024

A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by...
High | Unreviewed | CVE-2024-1225 was published Feb 5, 2024

A vulnerability, which was classified as critical, was found in openBI up to 6.0.3. Affected is...
Moderate | Unreviewed | CVE-2024-1198 was published Feb 3, 2024

ProTip! Advisories are also available from the GraphQL API