Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

156 advisories

Loading
A vulnerability was found in zmops ArgusDBM up to 0.1.0. It has been classified as critical.... Moderate Unreviewed
CVE-2024-6644 was published Jul 10, 2024
The Universal Slider plugin for WordPress is vulnerable to PHP Object Injection in all versions... Moderate Unreviewed
CVE-2024-5649 was published Jun 19, 2024
A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected... Moderate Unreviewed
CVE-2024-8003 was published Aug 20, 2024
Microsoft SharePoint Server Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-43466 was published Sep 10, 2024
A vulnerability, which was classified as problematic, has been found in DataGear up to 4.5.1.... Moderate Unreviewed
CVE-2023-2042 was published Apr 14, 2023
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it... Moderate Unreviewed
CVE-2020-0618 was published May 24, 2022
Reverb use after free vulnerability Moderate
CVE-2024-8375 was published for dm-reverb (pip) Sep 19, 2024
Deserialization of Untrusted Data in parlai Moderate
CVE-2021-39207 was published for parlai (pip) Sep 13, 2021
Anon-Artist
A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects... Moderate Unreviewed
CVE-2024-9917 was published Oct 13, 2024
qlib Deserialization of Untrusted Data vulnerability Moderate
CVE-2021-23338 was published for pyqlib (pip) May 24, 2022
The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in... Moderate Unreviewed
CVE-2021-4451 was published Oct 16, 2024
A Potential DOS Vulnerability exists in CERT VINCE software prior to version 3.0.8. An... Moderate Unreviewed
CVE-2024-9953 was published Oct 15, 2024
Execution of untrusted code through config file Moderate
CVE-2021-21371 was published for tenable-jira-cloud (pip) Mar 10, 2021
abhiabhi2306 v1dhun
Limited remote code execution with privilege of a NetworkService Account access in Citrix Session... Moderate Unreviewed
CVE-2024-8069 was published Nov 12, 2024
MENDELSON AS4 before 2024 B376 has a client-side vulnerability when a trading partner provides... Moderate Unreviewed
CVE-2024-39334 was published Jun 24, 2024
In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due... Moderate Unreviewed
CVE-2023-21206 was published Jun 28, 2023
Vulnerability of serialization/deserialization mismatch in the vibration framework.Successful... Moderate Unreviewed
CVE-2023-52357 was published Feb 18, 2024
Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. Moderate
CVE-2024-45772 was published for org.apache.lucene:lucene-replicator (Maven) Sep 30, 2024
streichsbaer
Kredis JSON Possible Deserialization of Untrusted Data Vulnerability Moderate
CVE-2023-27531 was published for kredis (RubyGems) Jun 9, 2023
Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection... Moderate Unreviewed
CVE-2024-13288 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Mailjet allows Object Injection.This... Moderate Unreviewed
CVE-2024-13296 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Eloqua allows Object Injection.This... Moderate Unreviewed
CVE-2024-13297 was published Jan 9, 2025
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-13136 was published Jan 5, 2025
Deserialization of Untrusted Data vulnerability in Drupal Node export allows Object Injection... Moderate Unreviewed
CVE-2024-13295 was published Jan 9, 2025
Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders Moderate
CVE-2024-56515 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database