GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,252
Composer 4,810
Erlang 36
GitHub Actions 31
Go 2,395
Maven 5,777
npm 4,030
NuGet 721
pip 3,820
Pub 12
RubyGems 932
Rust 988
Swift 38

Unreviewed advisories

All unreviewed 263,558

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

568 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Deserialization of Untrusted Data vulnerability in Brent Jett Assistant allows Object Injection.... High Unreviewed

CVE-2025-26885 was published Mar 3, 2025

Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk... High Unreviewed

CVE-2024-47092 was published Mar 3, 2025

The Album Gallery – WordPress Gallery plugin for WordPress is vulnerable to PHP Object Injection... High Unreviewed

CVE-2024-13833 was published Mar 1, 2025

The Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed

CVE-2024-13831 was published Feb 28, 2025

Deserialization of Untrusted Data vulnerability in giuliopanda ADFO allows Object Injection. This... High Unreviewed

CVE-2025-27300 was published Feb 24, 2025

Deserialization of Untrusted Data vulnerability in Nazmul Hasan Robin NHR Options Table Manager... High Unreviewed

CVE-2025-27301 was published Feb 24, 2025

The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up... High Unreviewed

CVE-2024-13899 was published Feb 22, 2025

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to... High Unreviewed

CVE-2024-28777 was published Feb 19, 2025

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an... High Unreviewed

CVE-2024-45084 was published Feb 19, 2025

The Brooklyn theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed

CVE-2024-13636 was published Feb 18, 2025

The Affiliate Links: WordPress Plugin for Link Cloaking and Link Management plugin for WordPress... High Unreviewed

CVE-2024-13556 was published Feb 18, 2025

The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is... High Unreviewed

CVE-2024-13770 was published Feb 13, 2025

The WP All Import Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions... High Unreviewed

CVE-2024-9664 was published Feb 7, 2025

Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to... High Unreviewed

CVE-2025-0994 was published Feb 6, 2025

The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed

CVE-2024-12600 was published Jan 25, 2025

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2... High Unreviewed

CVE-2024-31903 was published Jan 22, 2025

Deserialization of Untrusted Data vulnerability in WOOEXIM.COM WOOEXIM allows Object Injection.... High Unreviewed

CVE-2025-23944 was published Jan 22, 2025

The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed

CVE-2025-0428 was published Jan 22, 2025

The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed

CVE-2025-0429 was published Jan 22, 2025

In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to... High Unreviewed

CVE-2024-49744 was published Jan 22, 2025

Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This... High Unreviewed

CVE-2024-49699 was published Jan 21, 2025

The String locator plugin for WordPress is vulnerable to PHP Object Injection in all versions up... High Unreviewed

CVE-2024-10936 was published Jan 21, 2025

The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote... High Unreviewed

CVE-2025-0586 was published Jan 20, 2025

CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of... High Unreviewed

CVE-2024-12703 was published Jan 17, 2025

MSFM before v2025.01.01 was discovered to contain a deserialization vulnerability via the pom.xml... High Unreviewed

CVE-2024-57762 was published Jan 15, 2025

Previous 1 2 3 4 5 6 … 22 23 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

568 advisories