GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,807
Erlang
36
GitHub Actions
31
Go
2,390
Maven
5,000+
npm
4,026
NuGet
720
pip
3,815
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,229 advisories
Filter by severity
WinMatrix3 developed by Simopro Technology has an Insecure Deserialization vulnerability,...
Critical
Unreviewed
CVE-2025-7916
was published
Jul 21, 2025
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an...
Critical
Unreviewed
CVE-2025-53770
was published
Jul 20, 2025
The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for...
Critical
Unreviewed
CVE-2025-7697
was published
Jul 19, 2025
The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for...
Critical
Unreviewed
CVE-2025-7696
was published
Jul 19, 2025
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device...
High
Unreviewed
CVE-2025-7433
was published
Jul 17, 2025
Deserialization of Untrusted Data vulnerability in designthemes Visual Art | Gallery WordPress...
High
Unreviewed
CVE-2025-31422
was published
Jul 16, 2025
Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS allows Object...
Critical
Unreviewed
CVE-2025-30973
was published
Jul 16, 2025
Deserialization of Untrusted Data vulnerability in NooTheme Yogi allows Object Injection. This...
High
Unreviewed
CVE-2025-24779
was published
Jul 16, 2025
Deserialization of Untrusted Data vulnerability in awethemes Hillter allows Object Injection....
High
Unreviewed
CVE-2025-24777
was published
Jul 16, 2025
Deserialization of Untrusted Data vulnerability in Md Yeasin Ul Haider URL Shortener allows...
Critical
Unreviewed
CVE-2025-28961
was published
Jul 16, 2025
Deserialization of Untrusted Data vulnerability in Guru Team Site Chat on Telegram allows Object...
Critical
Unreviewed
CVE-2025-30949
was published
Jul 16, 2025
Deserialization of Untrusted Data vulnerability in jetmonsters JetFormBuilder allows Object...
High
Unreviewed
CVE-2025-53990
was published
Jul 16, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Moderate
Unreviewed
CVE-2025-30761
was published
Jul 15, 2025
The Friends plugin for WordPress is vulnerable to PHP Object Injection in version 3.5.1 via...
High
Unreviewed
CVE-2025-7504
was published
Jul 12, 2025
The communication protocol used between client and server had a flaw that could lead to an...
Critical
Unreviewed
CVE-2025-30023
was published
Jul 11, 2025
The communication protocol used between the
server process and the service control had a flaw...
Moderate
Unreviewed
CVE-2025-30025
was published
Jul 11, 2025
The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2025-6742
was published
Jul 9, 2025
Adobe Experience Manager (MS) versions 6.5.23.0 and earlier are affected by a Deserialization of...
Critical
Unreviewed
CVE-2025-49533
was published
Jul 9, 2025
Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data...
Critical
Unreviewed
CVE-2025-27203
was published
Jul 9, 2025
Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate...
High
Unreviewed
CVE-2025-47994
was published
Jul 8, 2025
SAP NetWeaver Enterprise Portal Federated Portal Network is vulnerable when a privileged user can...
Critical
Unreviewed
CVE-2025-42980
was published
Jul 8, 2025
SAP NetWeaver Enterprise Portal Administration is vulnerable when a privileged user can upload...
Critical
Unreviewed
CVE-2025-42964
was published
Jul 8, 2025
A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables...
Critical
Unreviewed
CVE-2025-42963
was published
Jul 8, 2025
SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative...
Critical
Unreviewed
CVE-2025-42966
was published
Jul 8, 2025
Mescius ActiveReports.NET ReadValue Deserialization of Untrusted Data Remote Code Execution...
Critical
Unreviewed
CVE-2025-6810
was published
Jul 7, 2025
ProTip!
Advisories are also available from the
GraphQL API