Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

454 advisories

Loading
The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin... High Unreviewed
CVE-2024-12627 was published Jan 11, 2025
Deserialization of Untrusted Data vulnerability in Konrad Karpieszuk WC Price History for Omnibus... High Unreviewed
CVE-2025-22510 was published Jan 9, 2025
The Essential Addons for Elementor plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed
CVE-2024-3018 was published Mar 30, 2024
An issue was discovered in SuiteCRM 7.12.7. Authenticated users can use CRM functions to upload... High Unreviewed
CVE-2022-45185 was published Jan 7, 2025
The Auto Refresh Single Page plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed
CVE-2024-1731 was published Mar 5, 2024
Invoice Ninja before 5.10.43 allows remote code execution from a pre-authenticated route when an... High Unreviewed
CVE-2024-55555 was published Jan 7, 2025
Deserialization of Untrusted Data vulnerability in plainware.com PlainInventory allows Object... High Unreviewed
CVE-2024-56291 was published Jan 7, 2025
Deserialization of Untrusted Data vulnerability in plainware.com Locatoraid Store Locator allows... High Unreviewed
CVE-2024-56283 was published Jan 7, 2025
The Compare Products for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection... High Unreviewed
CVE-2024-12313 was published Jan 7, 2025
The Custom Product Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-11465 was published Jan 7, 2025
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial... High Unreviewed
CVE-2024-20150 was published Jan 6, 2025
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-10957 was published Jan 4, 2025
The Backup Migration plugin for WordPress is vulnerable to PHP Object Injection in all versions... High Unreviewed
CVE-2024-10932 was published Jan 4, 2025
Microsoft Exchange Server Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-41082 was published Oct 4, 2022
Deserialization of Untrusted Data vulnerability in Azzaroco WP SuperBackup.This issue affects WP... High Unreviewed
CVE-2024-56068 was published Dec 31, 2024
The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-12721 was published Dec 21, 2024
Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute... High Unreviewed
CVE-2024-12677 was published Dec 20, 2024
A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in... High Unreviewed
CVE-2024-12741 was published Dec 18, 2024
Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows... High Unreviewed
CVE-2024-12687 was published Dec 16, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack... High Unreviewed
CVE-2024-10095 was published Dec 16, 2024
Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu allows Object Injection... High Unreviewed
CVE-2024-54282 was published Dec 13, 2024
Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows... High Unreviewed
CVE-2024-11839 was published Dec 13, 2024
The Print Science Designer plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed
CVE-2024-12312 was published Dec 12, 2024
Microsoft/Muzic Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49063 was published Dec 12, 2024
Microsoft SharePoint Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49070 was published Dec 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database