Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,065
Maven
5,000+
npm
3,744
NuGet
668
pip
3,427
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,475 advisories

Loading
Apache OpenMeetings vulnerable to Deserialization of Untrusted Data Critical
CVE-2024-54676 was published for org.apache.openmeetings:openmeetings-parent (Maven) Jan 8, 2025
An issue was discovered in SuiteCRM 7.12.7. Authenticated users can use CRM functions to upload... High Unreviewed
CVE-2022-45185 was published Jan 7, 2025
Invoice Ninja before 5.10.43 allows remote code execution from a pre-authenticated route when an... High Unreviewed
CVE-2024-55555 was published Jan 7, 2025
A vulnerability in Crater Invoice allows an unauthenticated attacker with knowledge of the... Critical Unreviewed
CVE-2024-55556 was published Jan 7, 2025
Deserialization of Untrusted Data vulnerability in plainware.com Locatoraid Store Locator allows... High Unreviewed
CVE-2024-56283 was published Jan 7, 2025
Deserialization of Untrusted Data vulnerability in plainware.com PlainInventory allows Object... High Unreviewed
CVE-2024-56291 was published Jan 7, 2025
Deserialization of Untrusted Data vulnerability in Amento Tech Pvt ltd WPGuppy allows Object... Critical Unreviewed
CVE-2024-49222 was published Jan 7, 2025
The Compare Products for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection... High Unreviewed
CVE-2024-12313 was published Jan 7, 2025
The Custom Product Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-11465 was published Jan 7, 2025
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial... High Unreviewed
CVE-2024-20150 was published Jan 6, 2025
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-10957 was published Jan 4, 2025
The Backup Migration plugin for WordPress is vulnerable to PHP Object Injection in all versions... High Unreviewed
CVE-2024-10932 was published Jan 4, 2025
Deserialization of Untrusted Data vulnerability in Azzaroco WP SuperBackup.This issue affects WP... High Unreviewed
CVE-2024-56068 was published Dec 31, 2024
The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-12721 was published Dec 21, 2024
Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute... High Unreviewed
CVE-2024-12677 was published Dec 20, 2024
A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in... High Unreviewed
CVE-2024-12741 was published Dec 18, 2024
Deserialization of Untrusted Data vulnerability in Gueststream VRPConnector allows Object... Critical Unreviewed
CVE-2024-56058 was published Dec 18, 2024
Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows... High Unreviewed
CVE-2024-12687 was published Dec 16, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack... High Unreviewed
CVE-2024-10095 was published Dec 16, 2024
Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This... Critical Unreviewed
CVE-2024-54367 was published Dec 16, 2024
Deserialization of Untrusted Data vulnerability in PickPlugins Mail Picker allows Object... Critical Unreviewed
CVE-2024-54273 was published Dec 13, 2024
Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu allows Object Injection... High Unreviewed
CVE-2024-54282 was published Dec 13, 2024
Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows... High Unreviewed
CVE-2024-11839 was published Dec 13, 2024
Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to... Critical Unreviewed
CVE-2024-49147 was published Dec 12, 2024
The Print Science Designer plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed
CVE-2024-12312 was published Dec 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database