Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,218 advisories

IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could... Critical Unreviewed
CVE-2024-22320 was published Feb 2, 2024
Insecure deserialization in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows... Critical Unreviewed
CVE-2023-51204 was published Jan 31, 2024
A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this... High Unreviewed
CVE-2024-1032 was published Jan 30, 2024
A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical.... Moderate Unreviewed
CVE-2024-0959 was published Jan 27, 2024
ai-flow Deserialization of Untrusted Data vulnerability Moderate
CVE-2024-0960 was published for ai-flow (pip) Jan 27, 2024
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products... Critical Unreviewed
CVE-2024-20253 was published Jan 26, 2024
A vulnerability classified as critical was found in van_der_Schaar LAB TemporAI 0.0.3. Affected... High Unreviewed
CVE-2024-0936 was published Jan 26, 2024
Deserialization of untrusted data in synthcity Critical
CVE-2024-0937 was published for synthcity (pip) Jan 26, 2024
m3t3kh4n
Apache Airflow: pickle deserialization vulnerability in XComs High
CVE-2023-50943 was published for apache-airflow (pip) Jan 24, 2024
Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue... High Unreviewed
CVE-2024-22309 was published Jan 24, 2024
Deserialization of Untrusted Data vulnerability in Thomas Belser Asgaros Forum.This issue affects... High Unreviewed
CVE-2024-22284 was published Jan 24, 2024
Remote Command Execution in SOFARPC Critical
CVE-2024-23636 was published for com.alipay.sofa:rpc-sofa-boot-starter (Maven) Jan 23, 2024
yemoli
Clojure classes can be used to craft a serialized object that runs arbitrary code on deserialization Critical
CVE-2017-20189 was published for org.clojure:clojure (Maven) Jan 22, 2024
Unsafe yaml deserialization in llama-hub Critical
CVE-2024-23730 was published for llama-hub (pip) Jan 21, 2024
r3kumar
A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20.... High Unreviewed
CVE-2024-0739 was published Jan 20, 2024
Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership... Moderate Unreviewed
CVE-2022-45083 was published Jan 19, 2024
Deserialization of Untrusted Data vulnerability in Nextend Smart Slider 3.This issue affects... Moderate Unreviewed
CVE-2022-45845 was published Jan 19, 2024
A vulnerability, which was classified as problematic, was found in DeepFaceLab pretrained DF.wf... Moderate Unreviewed
CVE-2024-0654 was published Jan 18, 2024
A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an... High Unreviewed
CVE-2024-0603 was published Jan 17, 2024
The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow... High Unreviewed
CVE-2023-1405 was published Jan 16, 2024
The Estatik Real Estate Plugin WordPress plugin before 4.1.1 unserializes user input via some of... Critical Unreviewed
CVE-2023-6049 was published Jan 15, 2024
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker... High Unreviewed
CVE-2023-7032 was published Jan 9, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21318 was published Jan 9, 2024
Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 SoundCloud Player with... Critical Unreviewed
CVE-2023-52205 was published Jan 8, 2024
Deserialization of Untrusted Data vulnerability in Live Composer Team Page Builder: Live Composer... High Unreviewed
CVE-2023-52206 was published Jan 8, 2024
ProTip! Advisories are also available from the GraphQL API