Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,487 advisories

Loading
Microsoft Excel Security Feature Bypass Vulnerability High Unreviewed
CVE-2025-21364 was published Jan 14, 2025
Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and... High Unreviewed
CVE-2024-13163 was published Jan 14, 2025
Rasa Allows Remote Code Execution via Remote Model Loading Critical
CVE-2024-49375 was published for rasa (pip) Jan 14, 2025
Deserialization of Untrusted Data vulnerability in GiveWP GiveWP allows Object Injection.This... Critical Unreviewed
CVE-2025-22777 was published Jan 13, 2025
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP... Critical Unreviewed
CVE-2024-12877 was published Jan 11, 2025
The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin... High Unreviewed
CVE-2024-12627 was published Jan 11, 2025
Deserialization of Untrusted Data vulnerability in Drupal Mailjet allows Object Injection.This... Moderate Unreviewed
CVE-2024-13296 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Eloqua allows Object Injection.This... Moderate Unreviewed
CVE-2024-13297 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Node export allows Object Injection... Moderate Unreviewed
CVE-2024-13295 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection... Moderate Unreviewed
CVE-2024-13288 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Konrad Karpieszuk WC Price History for Omnibus... High Unreviewed
CVE-2025-22510 was published Jan 9, 2025
Apache OpenMeetings vulnerable to Deserialization of Untrusted Data Critical
CVE-2024-54676 was published for org.apache.openmeetings:openmeetings-parent (Maven) Jan 8, 2025
An issue was discovered in SuiteCRM 7.12.7. Authenticated users can use CRM functions to upload... High Unreviewed
CVE-2022-45185 was published Jan 7, 2025
Invoice Ninja before 5.10.43 allows remote code execution from a pre-authenticated route when an... High Unreviewed
CVE-2024-55555 was published Jan 7, 2025
A vulnerability in Crater Invoice allows an unauthenticated attacker with knowledge of the... Critical Unreviewed
CVE-2024-55556 was published Jan 7, 2025
Deserialization of Untrusted Data vulnerability in plainware.com Locatoraid Store Locator allows... High Unreviewed
CVE-2024-56283 was published Jan 7, 2025
Deserialization of Untrusted Data vulnerability in plainware.com PlainInventory allows Object... High Unreviewed
CVE-2024-56291 was published Jan 7, 2025
Deserialization of Untrusted Data vulnerability in Amento Tech Pvt ltd WPGuppy allows Object... Critical Unreviewed
CVE-2024-49222 was published Jan 7, 2025
The Compare Products for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection... High Unreviewed
CVE-2024-12313 was published Jan 7, 2025
The Custom Product Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-11465 was published Jan 7, 2025
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial... High Unreviewed
CVE-2024-20150 was published Jan 6, 2025
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-13136 was published Jan 5, 2025
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-10957 was published Jan 4, 2025
The Backup Migration plugin for WordPress is vulnerable to PHP Object Injection in all versions... High Unreviewed
CVE-2024-10932 was published Jan 4, 2025
Deserialization of Untrusted Data vulnerability in Azzaroco WP SuperBackup.This issue affects WP... High Unreviewed
CVE-2024-56068 was published Dec 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database