Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,809
Erlang
36
GitHub Actions
31
Go
2,393
Maven
5,000+
npm
4,026
NuGet
720
pip
3,818
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

528 advisories

Loading
Deserialization of Untrusted Data vulnerability in GoodLayers Goodlayers Hotel allows Object... Critical Unreviewed
CVE-2025-39503 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in themeton Acerola allows Object Injection. This... Critical Unreviewed
CVE-2025-31927 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in BoldThemes Avantage allows Object Injection.... Critical Unreviewed
CVE-2025-39495 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in themeton HotStar – Multi-Purpose Business... Critical Unreviewed
CVE-2025-31069 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in AncoraThemes Fish House allows Object... Critical Unreviewed
CVE-2025-31631 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in themeton The Business allows Object Injection.... Critical Unreviewed
CVE-2025-31430 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in AncoraThemes Umberto allows Object Injection.... Critical Unreviewed
CVE-2025-31423 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This... Critical Unreviewed
CVE-2025-31049 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Conference allows Object... Critical Unreviewed
CVE-2025-39354 was published May 19, 2025
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant WordPress allows... Critical Unreviewed
CVE-2025-39348 was published May 19, 2025
Deserialization of Untrusted Data vulnerability in Chimpstudio Foodbakery Sticky Cart allows... Critical Unreviewed
CVE-2025-39356 was published May 19, 2025
Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop allows Object... Critical Unreviewed
CVE-2025-39349 was published May 19, 2025
Deserialization of Untrusted Data vulnerability in ThemeGoods Altair allows Object Injection.This... Critical Unreviewed
CVE-2025-32928 was published May 19, 2025
Deserialization of Untrusted Data vulnerability in Chimpstudio FoodBakery allows Object Injection... Critical Unreviewed
CVE-2025-32927 was published May 19, 2025
Deserialization of Untrusted Data vulnerability in Elbisnero WordPress Events Calendar... Critical Unreviewed
CVE-2025-47581 was published May 19, 2025
Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder -... Critical Unreviewed
CVE-2025-39410 was published May 19, 2025
Deserialization of Untrusted Data vulnerability in QuantumCloud WPBot Pro Wordpress Chatbot... Critical Unreviewed
CVE-2025-47582 was published May 19, 2025
SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload... Critical Unreviewed
CVE-2025-42999 was published May 13, 2025
The PGS Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to,... Critical Unreviewed
CVE-2025-0855 was published May 7, 2025
Deserialization of Untrusted Data vulnerability in Shahjahan Jewel FluentCommunity allows Object... Critical Unreviewed
CVE-2025-39550 was published Apr 17, 2025
Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons... Critical Unreviewed
CVE-2025-39588 was published Apr 17, 2025
Deserialization of Untrusted Data vulnerability in Mahmudul Hasan Arif FluentBoards allows Object... Critical Unreviewed
CVE-2025-39551 was published Apr 17, 2025
Deserialization of Untrusted Data vulnerability in wpWax HelpGent allows Object Injection. This... Critical Unreviewed
CVE-2025-32658 was published Apr 17, 2025
Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus allows Object... Critical Unreviewed
CVE-2025-32572 was published Apr 17, 2025
Deserialization of Untrusted Data vulnerability in saoshyant1994 Saoshyant Slider allows Object... Critical Unreviewed
CVE-2025-27286 was published Apr 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database