GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,255 advisories
Filter by severity
nGrinder vulnerable to unsafe Java objects deserialization
High
CVE-2024-28213
was published
for
org.ngrinder:ngrinder-core
(Maven)
Mar 7, 2024
nGrinder before 3.5.9 allows connection to malicious JMX/RMI server by default, which could be...
Unknown
Unreviewed
CVE-2024-28211
was published
Mar 7, 2024
pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user
Critical
CVE-2024-2044
was published
for
pgAdmin4
(pip)
Mar 7, 2024
CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code...
High
Unreviewed
CVE-2024-2229
was published
Mar 18, 2024
Gadget chain in Symfony 1 due to vulnerable Swift Mailer dependency
Moderate
CVE-2024-28859
was published
for
friendsofsymfony1/swiftmailer
(Composer)
Mar 18, 2024
Deserialization of Untrusted Data vulnerability in Themefic Tourfic.This issue affects Tourfic:...
High
Unreviewed
CVE-2024-29136
was published
Mar 19, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code...
Critical
Unreviewed
CVE-2024-1800
was published
Mar 20, 2024
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack...
High
Unreviewed
CVE-2024-1801
was published
Mar 20, 2024
Deserialization of Untrusted Data vulnerability in Social Media Share Buttons By Sygnoos Social...
High
Unreviewed
CVE-2024-2721
was published
Mar 20, 2024
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack...
High
Unreviewed
CVE-2024-1856
was published
Mar 20, 2024
`qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary code
Moderate
CVE-2024-29032
was published
for
qiskit-ibm-runtime
(pip)
Mar 20, 2024
The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied...
Unknown
Unreviewed
CVE-2024-2054
was published
Mar 21, 2024
Gadget chain in Symfony 1 due to uncontrolled unserialized input in sfNamespacedParameterHolder
Moderate
CVE-2024-28861
was published
for
friendsofsymfony1/symfony1
(Composer)
Mar 22, 2024
Deserialization of Untrusted Data vulnerability in WPEverest User Registration.This issue affects...
High
Unreviewed
CVE-2023-27459
was published
Mar 26, 2024
Deserialization of Untrusted Data vulnerability in Echo Plugins Knowledge Base for Documentation,...
High
Unreviewed
CVE-2024-24842
was published
Mar 27, 2024
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects...
High
Unreviewed
CVE-2024-30222
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects...
Critical
Unreviewed
CVE-2024-30223
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects...
Critical
Unreviewed
CVE-2024-30225
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in GiveWP.This issue affects GiveWP: from n/a...
High
Unreviewed
CVE-2024-30229
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Hercules Design Hercules Core.This issue...
Critical
Unreviewed
CVE-2024-30228
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in INFINITUM FORM Geo Controller.This issue...
Critical
Unreviewed
CVE-2024-30227
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For...
High
Unreviewed
CVE-2024-30230
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in WPDeveloper BetterDocs.This issue affects...
Critical
Unreviewed
CVE-2024-30226
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX.This issue affects...
Critical
Unreviewed
CVE-2024-30224
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in WP Sunshine Sunshine Photo Cart.This issue...
Moderate
Unreviewed
CVE-2024-30221
was published
Mar 28, 2024
ProTip!
Advisories are also available from the
GraphQL API