GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,056
Erlang: 29
GitHub Actions: 19
Go: 1,889
Maven: 5,000+
npm: 3,618
NuGet: 638
pip: 3,231
Pub: 10
RubyGems: 854
Rust: 817
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
387 advisories
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before...
High | Unreviewed | CVE-2023-2288 was published May 30, 2023
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP...
High | Unreviewed | CVE-2023-2500 was published May 25, 2023
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings,...
High | Unreviewed | CVE-2023-1549 was published May 15, 2023
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with...
High | Unreviewed | CVE-2023-20878 was published May 12, 2023
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2...
High | Unreviewed | CVE-2023-30899 was published May 9, 2023
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2...
High | Unreviewed | CVE-2023-30898 was published May 9, 2023
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via...
High | Unreviewed | CVE-2023-1347 was published May 8, 2023
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings,...
High | Unreviewed | CVE-2023-1669 was published May 2, 2023
The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5...
High | Unreviewed | CVE-2023-1196 was published May 2, 2023
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could...
High | Unreviewed | CVE-2023-2141 was published Apr 21, 2023
The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before...
High | Unreviewed | CVE-2023-1381 was published Apr 10, 2023
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could...
High | Unreviewed | CVE-2023-20102 was published Apr 5, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-36971 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-28685 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-2561 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-37378 was published Mar 29, 2023
The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of...
High | Unreviewed | CVE-2023-26548 was published Mar 28, 2023
The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful...
High | Unreviewed | CVE-2023-26547 was published Mar 28, 2023
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a...
High | Unreviewed | CVE-2023-1145 was published Mar 27, 2023
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a...
High | Unreviewed | CVE-2023-1139 was published Mar 27, 2023
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that...
High | Unreviewed | CVE-2023-27978 was published Mar 21, 2023
In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to...
High | Unreviewed | CVE-2023-20944 was published Feb 28, 2023
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability...
High | Unreviewed | CVE-2022-47503 was published Feb 15, 2023
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability...
High | Unreviewed | CVE-2022-47507 was published Feb 15, 2023
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability...
High | Unreviewed | CVE-2022-47504 was published Feb 15, 2023
ProTip! Advisories are also available from the GraphQL API.