Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

407 advisories

Loading
Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-51642 was published Nov 22, 2024
Deserialization of Untrusted Data vulnerability in Nerijus Masikonis Geolocator allows Object... Critical Unreviewed
CVE-2024-52443 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Mark O’Donnell Team Rosters allows Object... Critical Unreviewed
CVE-2024-52439 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Bueno Labs Pvt. Ltd. Xpresslane Fast Checkout... Critical Unreviewed
CVE-2024-52440 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows... Critical Unreviewed
CVE-2024-52432 was published Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection... Critical Unreviewed
CVE-2024-52430 was published Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free... Critical Unreviewed
CVE-2024-52433 was published Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu... Critical Unreviewed
CVE-2024-52414 was published Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Phoenixheart Referrer Detector allows Object... Critical Unreviewed
CVE-2024-52410 was published Nov 17, 2024
Deserialization of Untrusted Data vulnerability in DMC Airin Blog allows Object Injection.This... Critical Unreviewed
CVE-2024-52413 was published Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Flowcraft UX Design Studio Advanced... Critical Unreviewed
CVE-2024-52411 was published Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Phan An AJAX Random Posts allows Object... Critical Unreviewed
CVE-2024-52409 was published Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Stephen Cui Xin allows Object Injection.This... Critical Unreviewed
CVE-2024-52412 was published Nov 17, 2024
A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to... Critical Unreviewed
CVE-2024-37285 was published Nov 14, 2024
A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910... Critical Unreviewed
CVE-2024-44102 was published Nov 12, 2024
Delta Electronics InfraSuite Device Master versions prior to 1.0.12 are affected by a... Critical Unreviewed
CVE-2024-10456 was published Oct 30, 2024
Deserialization of Untrusted Data vulnerability in Daniel Schmitzer DS.DownloadList allows Object... Critical Unreviewed
CVE-2024-50507 was published Oct 30, 2024
A Deserialization of Untrusted Data vulnerability in chainer v7.8.1.post1 leads to execution of... Critical Unreviewed
CVE-2024-48206 was published Oct 29, 2024
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. Critical Unreviewed
CVE-2024-48063 was published Oct 29, 2024
Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows... Critical Unreviewed
CVE-2024-49624 was published Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components... Critical Unreviewed
CVE-2024-49625 was published Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management allows... Critical Unreviewed
CVE-2024-49626 was published Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This... Critical Unreviewed
CVE-2024-49332 was published Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Scott Olson My Reading Library allows Object... Critical Unreviewed
CVE-2024-49318 was published Oct 17, 2024
Deserialization of Untrusted Data vulnerability in Grayson Robbins Disc Golf Manager allows... Critical Unreviewed
CVE-2024-48026 was published Oct 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database