GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,279 advisories
The Flipbox Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up...
High, Unreviewed. CVE-2024-6152 was published Jul 27, 2024

REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering
High. CVE-2017-9805 was published for org.apache.struts:struts2-rest-plugin (Maven), Oct 16, 2018

Remote code injection in Log4j
Critical. CVE-2021-44228 was published for com.guicedee.services:log4j-core (Maven), Dec 10, 2021

Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization...
High, Unreviewed. CVE-2019-18935 was published May 24, 2022

Gadget chain in Symfony 1 due to uncontrolled unserialized input in sfNamespacedParameterHolder
Moderate. CVE-2024-28861 was published for friendsofsymfony1/symfony1 (Composer), Mar 22, 2024

In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code...
Critical, Unreviewed. CVE-2024-6327 was published Jul 24, 2024

A vulnerability was found in kirilkirkov Ecommerce-Laravel-Bootstrap up to...
Moderate, Unreviewed. CVE-2024-7067 was published Jul 24, 2024

A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in...
High, Unreviewed. CVE-2024-6675 was published Jul 22, 2024

A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming ...
Critical, Unreviewed. CVE-2024-6794 was published Jul 22, 2024

A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that...
Critical, Unreviewed. CVE-2024-6793 was published Jul 22, 2024

H2O vulnerable to Deserialization of Untrusted Data
High. CVE-2024-6960 was published for ai.h2o:h2o-core (Maven), Jul 21, 2024

Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace. This issue...
Moderate, Unreviewed. CVE-2024-38759 was published Jul 22, 2024

A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical....
Moderate, Unreviewed. CVE-2024-6943 was published Jul 21, 2024

A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected...
Moderate, Unreviewed. CVE-2024-6944 was published Jul 21, 2024

It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access...
Critical, Unreviewed. CVE-2024-28074 was published Jul 17, 2024

TorrentPier Deserialization of Untrusted Data vulnerability
Critical. CVE-2024-40624 was published for torrentpier/torrentpier (Composer), Jul 15, 2024

The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products &...
Critical, Unreviewed. CVE-2024-4371 was published Jun 13, 2024

Apache Linkis DataSource's JDBC Datasource Module with DB2 has JNDI Injection vulnerability
High. CVE-2023-49566 was published for org.apache.linkis:linkis-datasource (Maven), Jul 15, 2024

Apache Linkis DataSource remote code execution vulnerability
High. CVE-2023-46801 was published for org.apache.linkis:linkis-datasource (Maven), Jul 15, 2024

A vulnerability was found in WuKongOpenSource Wukong_nocode up to 20230807. It has been declared...
Moderate, Unreviewed. CVE-2024-6645 was published Jul 10, 2024

A vulnerability was found in zmops ArgusDBM up to 0.1.0. It has been classified as critical....
Moderate, Unreviewed. CVE-2024-6644 was published Jul 10, 2024

Microsoft SharePoint Remote Code Execution Vulnerability
High, Unreviewed. CVE-2024-38094 was published Jul 9, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability
High, Unreviewed. CVE-2024-38024 was published Jul 9, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability
High, Unreviewed. CVE-2024-38023 was published Jul 9, 2024

A vulnerability has been identified in SIMATIC STEP 7 Safety V16 (All versions < V16 Update 7),...
High, Unreviewed. CVE-2023-32735 was published Jul 9, 2024

ProTip! Advisories are also available from the GraphQL API