GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
387 advisories
Filter by severity
Deserialization of Untrusted Data vulnerability in wpxpo ProductX – WooCommerce Builder &...
High
Unreviewed
CVE-2024-23512
was published
Feb 12, 2024
Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive:...
High
Unreviewed
CVE-2024-23513
was published
Feb 12, 2024
Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets...
High
Unreviewed
CVE-2024-24796
was published
Feb 12, 2024
Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose...
High
Unreviewed
CVE-2024-24926
was published
Feb 12, 2024
A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by...
High
Unreviewed
CVE-2024-1225
was published
Feb 5, 2024
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to...
High
Unreviewed
CVE-2003-0791
was published
Apr 29, 2022
The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow...
High
Unreviewed
CVE-2023-1405
was published
Jan 16, 2024
A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this...
High
Unreviewed
CVE-2024-1032
was published
Jan 30, 2024
A vulnerability classified as critical was found in van_der_Schaar LAB TemporAI 0.0.3. Affected...
High
Unreviewed
CVE-2024-0936
was published
Jan 26, 2024
Deserialization of Untrusted Data vulnerability in Thomas Belser Asgaros Forum.This issue affects...
High
Unreviewed
CVE-2024-22284
was published
Jan 24, 2024
Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue...
High
Unreviewed
CVE-2024-22309
was published
Jan 24, 2024
TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary...
High
Unreviewed
CVE-2012-0911
was published
May 17, 2022
The Slider Revolution WordPress plugin before 6.6.19 does not prevent users with at least the...
High
Unreviewed
CVE-2023-6528
was published
Jan 8, 2024
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to deserialization of...
High
Unreviewed
CVE-2022-2442
was published
Sep 7, 2022
The Ovic Responsive WPBakery WordPress plugin before 1.2.9 does not limit which options can be...
High
Unreviewed
CVE-2023-5235
was published
Jan 8, 2024
A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20....
High
Unreviewed
CVE-2024-0739
was published
Jan 20, 2024
The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows...
High
Unreviewed
CVE-2013-1465
was published
May 17, 2022
A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an...
High
Unreviewed
CVE-2024-0603
was published
Jan 17, 2024
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of...
High
Unreviewed
CVE-2023-32636
was published
Sep 14, 2023
Attackers with access to the "documentconverterws" API were able to inject serialized Java...
High
Unreviewed
CVE-2023-26436
was published
Jun 20, 2023
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker...
High
Unreviewed
CVE-2023-7032
was published
Jan 9, 2024
Deserialization of Untrusted Data vulnerability in Live Composer Team Page Builder: Live Composer...
High
Unreviewed
CVE-2023-52206
was published
Jan 8, 2024
, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. This CVE ID is unique from CVE...
High
Unreviewed
CVE-2020-17144
was published
May 24, 2022
Microsoft SharePoint Remote Code Execution Vulnerability
High
Unreviewed
CVE-2021-24066
was published
May 24, 2022
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0...
High
Unreviewed
CVE-2015-4852
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API