GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,218 advisories
Filter by severity
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could...
Critical
Unreviewed
CVE-2024-22320
was published
Feb 2, 2024
Insecure deserialization in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows...
Critical
Unreviewed
CVE-2023-51204
was published
Jan 31, 2024
A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this...
High
Unreviewed
CVE-2024-1032
was published
Jan 30, 2024
A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical....
Moderate
Unreviewed
CVE-2024-0959
was published
Jan 27, 2024
ai-flow Deserialization of Untrusted Data vulnerability
Moderate
CVE-2024-0960
was published
for
ai-flow
(pip)
Jan 27, 2024
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products...
Critical
Unreviewed
CVE-2024-20253
was published
Jan 26, 2024
A vulnerability classified as critical was found in van_der_Schaar LAB TemporAI 0.0.3. Affected...
High
Unreviewed
CVE-2024-0936
was published
Jan 26, 2024
Deserialization of untrusted data in synthcity
Critical
CVE-2024-0937
was published
for
synthcity
(pip)
Jan 26, 2024
Apache Airflow: pickle deserialization vulnerability in XComs
High
CVE-2023-50943
was published
for
apache-airflow
(pip)
Jan 24, 2024
Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue...
High
Unreviewed
CVE-2024-22309
was published
Jan 24, 2024
Deserialization of Untrusted Data vulnerability in Thomas Belser Asgaros Forum.This issue affects...
High
Unreviewed
CVE-2024-22284
was published
Jan 24, 2024
Remote Command Execution in SOFARPC
Critical
CVE-2024-23636
was published
for
com.alipay.sofa:rpc-sofa-boot-starter
(Maven)
Jan 23, 2024
Clojure classes can be used to craft a serialized object that runs arbitrary code on deserialization
Critical
CVE-2017-20189
was published
for
org.clojure:clojure
(Maven)
Jan 22, 2024
Unsafe yaml deserialization in llama-hub
Critical
CVE-2024-23730
was published
for
llama-hub
(pip)
Jan 21, 2024
A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20....
High
Unreviewed
CVE-2024-0739
was published
Jan 20, 2024
Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership...
Moderate
Unreviewed
CVE-2022-45083
was published
Jan 19, 2024
Deserialization of Untrusted Data vulnerability in Nextend Smart Slider 3.This issue affects...
Moderate
Unreviewed
CVE-2022-45845
was published
Jan 19, 2024
A vulnerability, which was classified as problematic, was found in DeepFaceLab pretrained DF.wf...
Moderate
Unreviewed
CVE-2024-0654
was published
Jan 18, 2024
A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an...
High
Unreviewed
CVE-2024-0603
was published
Jan 17, 2024
The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow...
High
Unreviewed
CVE-2023-1405
was published
Jan 16, 2024
The Estatik Real Estate Plugin WordPress plugin before 4.1.1 unserializes user input via some of...
Critical
Unreviewed
CVE-2023-6049
was published
Jan 15, 2024
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker...
High
Unreviewed
CVE-2023-7032
was published
Jan 9, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-21318
was published
Jan 9, 2024
Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 SoundCloud Player with...
Critical
Unreviewed
CVE-2023-52205
was published
Jan 8, 2024
Deserialization of Untrusted Data vulnerability in Live Composer Team Page Builder: Live Composer...
High
Unreviewed
CVE-2023-52206
was published
Jan 8, 2024
ProTip!
Advisories are also available from the
GraphQL API