Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,996
Erlang
29
GitHub Actions
16
Go
1,783
Maven
5,000+
npm
3,545
NuGet
620
pip
3,137
Pub
10
RubyGems
839
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,279 advisories

Loading
The Flipbox Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up... High Unreviewed
CVE-2024-6152 was published Jul 27, 2024
REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering High
CVE-2017-9805 was published for org.apache.struts:struts2-rest-plugin (Maven) Oct 16, 2018
sunSUNQ
Remote code injection in Log4j Critical
CVE-2021-44228 was published for com.guicedee.services:log4j-core (Maven) Dec 10, 2021
Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization... High Unreviewed
CVE-2019-18935 was published May 24, 2022
Gadget chain in Symfony 1 due to uncontrolled unserialized input in sfNamespacedParameterHolder Moderate
CVE-2024-28861 was published for friendsofsymfony1/symfony1 (Composer) Mar 22, 2024
darkpills
In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code... Critical Unreviewed
CVE-2024-6327 was published Jul 24, 2024
A vulnerability was found in kirilkirkov Ecommerce-Laravel-Bootstrap up to... Moderate Unreviewed
CVE-2024-7067 was published Jul 24, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in... High Unreviewed
CVE-2024-6675 was published Jul 22, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming ... Critical Unreviewed
CVE-2024-6794 was published Jul 22, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that... Critical Unreviewed
CVE-2024-6793 was published Jul 22, 2024
H2O vulnerable to Deserialization of Untrusted Data High
CVE-2024-6960 was published for ai.h2o:h2o-core (Maven) Jul 21, 2024
Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace.This issue... Moderate Unreviewed
CVE-2024-38759 was published Jul 22, 2024
A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical.... Moderate Unreviewed
CVE-2024-6943 was published Jul 21, 2024
A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected... Moderate Unreviewed
CVE-2024-6944 was published Jul 21, 2024
It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access... Critical Unreviewed
CVE-2024-28074 was published Jul 17, 2024
TorrentPier Deserialization of Untrusted Data vulnerability Critical
CVE-2024-40624 was published for torrentpier/torrentpier (Composer) Jul 15, 2024
swapgs
The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products &... Critical Unreviewed
CVE-2024-4371 was published Jun 13, 2024
Apache Linkis DataSource's JDBC Datasource Module with DB2 has JNDI Injection vulnerability High
CVE-2023-49566 was published for org.apache.linkis:linkis-datasource (Maven) Jul 15, 2024
Apache Linkis DataSource remote code execution vulnerability High
CVE-2023-46801 was published for org.apache.linkis:linkis-datasource (Maven) Jul 15, 2024
A vulnerability was found in WuKongOpenSource Wukong_nocode up to 20230807. It has been declared... Moderate Unreviewed
CVE-2024-6645 was published Jul 10, 2024
A vulnerability was found in zmops ArgusDBM up to 0.1.0. It has been classified as critical.... Moderate Unreviewed
CVE-2024-6644 was published Jul 10, 2024
Microsoft SharePoint Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38094 was published Jul 9, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38024 was published Jul 9, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38023 was published Jul 9, 2024
A vulnerability has been identified in SIMATIC STEP 7 Safety V16 (All versions < V16 Update 7),... High Unreviewed
CVE-2023-32735 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API