GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
510 advisories
Filter by severity
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2024-28075
was published
May 14, 2024
Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability....
Critical
Unreviewed
CVE-2023-51576
was published
May 3, 2024
Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted...
Critical
Unreviewed
CVE-2023-39475
was published
May 3, 2024
Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote...
Critical
Unreviewed
CVE-2023-39476
was published
May 3, 2024
Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore...
Critical
Unreviewed
CVE-2024-33553
was published
Apr 29, 2024
Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution...
Critical
Unreviewed
CVE-2023-51570
was published
Apr 2, 2024
Deserialization of Untrusted Data vulnerability in Hercules Design Hercules Core.This issue...
Critical
Unreviewed
CVE-2024-30228
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in INFINITUM FORM Geo Controller.This issue...
Critical
Unreviewed
CVE-2024-30227
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects...
Critical
Unreviewed
CVE-2024-30225
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in WPDeveloper BetterDocs.This issue affects...
Critical
Unreviewed
CVE-2024-30226
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX.This issue affects...
Critical
Unreviewed
CVE-2024-30224
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects...
Critical
Unreviewed
CVE-2024-30223
was published
Mar 28, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code...
Critical
Unreviewed
CVE-2024-1800
was published
Mar 20, 2024
pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user
Critical
CVE-2024-2044
was published
for
pgAdmin4
(pip)
Mar 7, 2024
Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE
Critical
GHSA-97m3-52wr-xvv2
was published
for
phenx/php-svg-lib
(Composer)
Feb 22, 2024
Deserialization of Untrusted Data in Torrentpier
Critical
CVE-2024-1651
was published
for
torrentpier/torrentpier
(Composer)
Feb 20, 2024
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution...
Critical
Unreviewed
CVE-2023-40057
was published
Feb 15, 2024
Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program.This issue...
Critical
Unreviewed
CVE-2024-25100
was published
Feb 12, 2024
Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed – Essential Real...
Critical
Unreviewed
CVE-2024-24797
was published
Feb 12, 2024
The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all...
Critical
Unreviewed
CVE-2023-6933
was published
Feb 6, 2024
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could...
Critical
Unreviewed
CVE-2024-22320
was published
Feb 2, 2024
Insecure deserialization in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows...
Critical
Unreviewed
CVE-2023-51204
was published
Jan 31, 2024
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products...
Critical
Unreviewed
CVE-2024-20253
was published
Jan 26, 2024
Deserialization of untrusted data in synthcity
Critical
CVE-2024-0937
was published
for
synthcity
(pip)
Jan 26, 2024
Remote Command Execution in SOFARPC
Critical
CVE-2024-23636
was published
for
com.alipay.sofa:rpc-sofa-boot-starter
(Maven)
Jan 23, 2024
ProTip!
Advisories are also available from the
GraphQL API