GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,339 advisories
Filter by severity
A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected...
Moderate
Unreviewed
CVE-2024-6944
was published
Jul 21, 2024
A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical....
Moderate
Unreviewed
CVE-2024-6943
was published
Jul 21, 2024
.NET Denial of Service Vulnerability
High
CVE-2023-21538
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jan 10, 2023
The Flipbox Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up...
High
Unreviewed
CVE-2024-6152
was published
Jul 27, 2024
REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering
High
CVE-2017-9805
was published
for
org.apache.struts:struts2-rest-plugin
(Maven)
Oct 16, 2018
Remote code injection in Log4j
Critical
CVE-2021-44228
was published
for
com.guicedee.services:log4j-core
(Maven)
Dec 10, 2021
Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization...
High
Unreviewed
CVE-2019-18935
was published
May 24, 2022
Gadget chain in Symfony 1 due to uncontrolled unserialized input in sfNamespacedParameterHolder
Moderate
CVE-2024-28861
was published
for
friendsofsymfony1/symfony1
(Composer)
Mar 22, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code...
Critical
Unreviewed
CVE-2024-6327
was published
Jul 24, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming ...
Critical
Unreviewed
CVE-2024-6794
was published
Jul 22, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that...
Critical
Unreviewed
CVE-2024-6793
was published
Jul 22, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in...
High
Unreviewed
CVE-2024-6675
was published
Jul 22, 2024
Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace.This issue...
Moderate
Unreviewed
CVE-2024-38759
was published
Jul 22, 2024
It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access...
Critical
Unreviewed
CVE-2024-28074
was published
Jul 17, 2024
The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products &...
Critical
Unreviewed
CVE-2024-4371
was published
Jun 13, 2024
Microsoft SharePoint Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38094
was published
Jul 9, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38024
was published
Jul 9, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38023
was published
Jul 9, 2024
Deserialization of Untrusted Data vulnerability in wpweb WooCommerce Social Login.This issue...
Moderate
Unreviewed
CVE-2024-37502
was published
Jul 9, 2024
jackson-databind mishandles the interaction between serialization gadgets and typing
High
CVE-2020-10672
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Apr 23, 2020
jackson-databind mishandles the interaction between serialization gadgets and typing
High
CVE-2020-10673
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
May 15, 2020
OpenBD 20210306203917-6cbe797 is vulnerable to Deserialization of Untrusted Data. The cookies...
Low
Unreviewed
CVE-2024-34274
was published
May 21, 2024
Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) server...
Critical
Unreviewed
CVE-2024-29212
was published
May 14, 2024
An issue was discovered in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop...
Critical
Unreviewed
CVE-2024-24302
was published
Mar 3, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user...
High
Unreviewed
CVE-2024-36984
was published
Jul 1, 2024
ProTip!
Advisories are also available from the
GraphQL API