GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
370 advisories
Filter by severity
Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote...
High
Unreviewed
CVE-2023-39473
was published
May 3, 2024
Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code...
High
Unreviewed
CVE-2023-50220
was published
May 3, 2024
Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master...
High
Unreviewed
CVE-2024-32600
was published
Apr 18, 2024
Deserialization of Untrusted Data vulnerability in ThemeKraft WooBuddy.This issue affects...
High
Unreviewed
CVE-2024-32603
was published
Apr 18, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-21318
was published
Jan 9, 2024
A vulnerability has been identified in LOGO! Soft Comfort (All versions). The vulnerability could...
High
Unreviewed
CVE-2019-10924
was published
May 24, 2022
The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via...
High
Unreviewed
CVE-2017-18604
was published
May 24, 2022
Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue...
High
Unreviewed
CVE-2024-31277
was published
Apr 7, 2024
The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to...
High
Unreviewed
CVE-2023-4386
was published
Oct 20, 2023
The Jetpack CRM plugin for WordPress is vulnerable to PHAR deserialization via the ‘zbscrmcsvimpf...
High
Unreviewed
CVE-2022-3342
was published
Oct 20, 2023
VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with...
High
Unreviewed
CVE-2023-34052
was published
Oct 20, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-35186
was published
Oct 19, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-35180
was published
Oct 19, 2023
The Weaver Xtreme Theme Support WordPress plugin before 6.3.1 unserialises the content of an...
High
Unreviewed
CVE-2023-4971
was published
Oct 16, 2023
The Enable Media Replace WordPress plugin before 4.1.3 unserializes user input via the Remove...
High
Unreviewed
CVE-2023-4643
was published
Oct 16, 2023
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to PHAR Deserialization...
High
Unreviewed
CVE-2023-3154
was published
Oct 16, 2023
The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the...
High
Unreviewed
CVE-2023-3392
was published
Oct 16, 2023
A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows attackers to execute...
High
Unreviewed
CVE-2023-43176
was published
Oct 3, 2023
Deyue Remote Vehicle Management System v1.1 was discovered to contain a deserialization...
High
Unreviewed
CVE-2023-43268
was published
Oct 2, 2023
Unsafe deserialization of untrusted JSON allows execution of arbitrary code on affected releases...
High
Unreviewed
CVE-2023-5183
was published
Sep 27, 2023
In WS_FTP Server version 8.7.0 prior to 8.7.4 and
version 8.8.0 prior to 8.8.2, a pre...
High
Unreviewed
CVE-2023-40044
was published
Sep 27, 2023
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to...
High
Unreviewed
CVE-2023-35669
was published
Sep 11, 2023
The wpDataTables WordPress plugin before 2.1.66 does not validate the "Serialized PHP array"...
High
Unreviewed
CVE-2023-4314
was published
Sep 11, 2023
Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS...
High
Unreviewed
CVE-2023-4528
was published
Sep 7, 2023
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of...
High
Unreviewed
CVE-2023-28072
was published
Sep 4, 2023
ProTip!
Advisories are also available from the
GraphQL API