Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,764
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

713 advisories

Loading
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0... High Unreviewed
CVE-2015-4852 was published May 14, 2022
Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is... High Unreviewed
CVE-2024-4978 was published May 23, 2024
vllm: Malicious model to RCE by torch.load in hf_model_weights_iterator High
CVE-2025-24357 was published for vllm (pip) Jan 27, 2025
DogeWatch
The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-12600 was published Jan 25, 2025
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2... High Unreviewed
CVE-2024-31903 was published Jan 22, 2025
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to... High Unreviewed
CVE-2024-49744 was published Jan 22, 2025
Deserialization of Untrusted Data vulnerability in WOOEXIM.COM WOOEXIM allows Object Injection.... High Unreviewed
CVE-2025-23944 was published Jan 22, 2025
The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed
CVE-2025-0429 was published Jan 22, 2025
The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed
CVE-2025-0428 was published Jan 22, 2025
ntlk unsafe deserialization vulnerability High
CVE-2024-39705 was published for nltk (pip) Jun 28, 2024
justinrosenthal ekaf
Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This... High Unreviewed
CVE-2024-49699 was published Jan 21, 2025
The String locator plugin for WordPress is vulnerable to PHP Object Injection in all versions up... High Unreviewed
CVE-2024-10936 was published Jan 21, 2025
The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote... High Unreviewed
CVE-2025-0586 was published Jan 20, 2025
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of... High Unreviewed
CVE-2024-12703 was published Jan 17, 2025
Microsoft Excel Security Feature Bypass Vulnerability High Unreviewed
CVE-2025-21364 was published Jan 14, 2025
Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and... High Unreviewed
CVE-2024-13163 was published Jan 14, 2025
Laravel Framework RCE Vulnerability High
CVE-2018-15133 was published for laravel/framework (Composer) May 14, 2022
mattberry3
The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin... High Unreviewed
CVE-2024-12627 was published Jan 11, 2025
Deserialization of Untrusted Data vulnerability in Konrad Karpieszuk WC Price History for Omnibus... High Unreviewed
CVE-2025-22510 was published Jan 9, 2025
The Essential Addons for Elementor plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed
CVE-2024-3018 was published Mar 30, 2024
An issue was discovered in SuiteCRM 7.12.7. Authenticated users can use CRM functions to upload... High Unreviewed
CVE-2022-45185 was published Jan 7, 2025
The Auto Refresh Single Page plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed
CVE-2024-1731 was published Mar 5, 2024
Invoice Ninja before 5.10.43 allows remote code execution from a pre-authenticated route when an... High Unreviewed
CVE-2024-55555 was published Jan 7, 2025
Deserialization of Untrusted Data vulnerability in plainware.com PlainInventory allows Object... High Unreviewed
CVE-2024-56291 was published Jan 7, 2025
Deserialization of Untrusted Data vulnerability in plainware.com Locatoraid Store Locator allows... High Unreviewed
CVE-2024-56283 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database