GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
124 advisories
Filter by severity
Deserialization of Untrusted Data vulnerability in WebToffee Order Export & Order Import for...
Moderate
Unreviewed
CVE-2024-34751
was published
May 16, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found...
Moderate
Unreviewed
CVE-2024-4699
was published
May 14, 2024
Deserialization of Untrusted Data vulnerability in BdThemes Ultimate Store Kit Elementor Addons...
Moderate
Unreviewed
CVE-2024-4606
was published
May 14, 2024
Deserialization of Untrusted Data vulnerability in OCDI One Click Demo Import.This issue affects...
Moderate
Unreviewed
CVE-2024-34433
was published
May 14, 2024
The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0 through 7.1.5.21 and 8...
Moderate
Unreviewed
CVE-2023-38264
was published
May 14, 2024
kurwov vulnerable to Denial of Service due to improper data sanitization
Moderate
CVE-2024-34075
was published
for
kurwov
(npm)
May 3, 2024
Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue...
Moderate
Unreviewed
CVE-2024-33641
was published
Apr 29, 2024
Deserialization of Untrusted Data vulnerability in Import and export users and customers.This...
Moderate
Unreviewed
CVE-2024-32817
was published
Apr 24, 2024
Deserialization of Untrusted Data vulnerability in WebToffee Import Export WordPress Users.This...
Moderate
Unreviewed
CVE-2024-32835
was published
Apr 24, 2024
A vulnerability classified as critical has been found in Byzoro Smart S80 Management Platform up...
Moderate
Unreviewed
CVE-2024-4019
was published
Apr 20, 2024
Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue...
Moderate
Unreviewed
CVE-2024-32431
was published
Apr 15, 2024
A vulnerability, which was classified as critical, has been found in cym1102 nginxWebUI up to 3.9...
Moderate
Unreviewed
CVE-2024-3740
was published
Apr 13, 2024
Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive:...
Moderate
Unreviewed
CVE-2024-27985
was published
Apr 11, 2024
A vulnerability was found in EyouCMS 1.6.5. It has been declared as critical. This vulnerability...
Moderate
Unreviewed
CVE-2024-3431
was published
Apr 8, 2024
Deserialization of Untrusted Data vulnerability in VJInfotech WP Import Export Lite.This issue...
Moderate
Unreviewed
CVE-2024-31308
was published
Apr 7, 2024
Deserialization of Untrusted Data vulnerability in WP Sunshine Sunshine Photo Cart.This issue...
Moderate
Unreviewed
CVE-2024-30221
was published
Mar 28, 2024
Gadget chain in Symfony 1 due to uncontrolled unserialized input in sfNamespacedParameterHolder
Moderate
CVE-2024-28861
was published
for
friendsofsymfony1/symfony1
(Composer)
Mar 22, 2024
`qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary code
Moderate
CVE-2024-29032
was published
for
qiskit-ibm-runtime
(pip)
Mar 20, 2024
Gadget chain in Symfony 1 due to vulnerable Swift Mailer dependency
Moderate
CVE-2024-28859
was published
for
friendsofsymfony1/swiftmailer
(Composer)
Mar 18, 2024
Apache James server: Privilege escalation via JMX pre-authentication deserialization
Moderate
CVE-2023-51518
was published
for
org.apache.james:james-server
(Maven)
Feb 27, 2024
A vulnerability, which was classified as critical, was found in TemmokuMVC up to 2.3. Affected is...
Moderate
Unreviewed
CVE-2024-1750
was published
Feb 22, 2024
A vulnerability classified as critical was found in van_der_Schaar LAB AutoPrognosis 0.1.21. This...
Moderate
Unreviewed
CVE-2024-1748
was published
Feb 22, 2024
php-svg-lib lacks path validation on font through SVG inline styles
Moderate
CVE-2024-25117
was published
for
phenx/php-svg-lib
(Composer)
Feb 21, 2024
Deserialization of Untrusted Data vulnerability in Kalli Dan. KD Coming Soon.This issue affects...
Moderate
Unreviewed
CVE-2023-46615
was published
Feb 12, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res...
Moderate
Unreviewed
CVE-2024-1432
was published
Feb 11, 2024
ProTip!
Advisories are also available from the
GraphQL API