Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,415 advisories

Loading
In writeToParcel of MediaPlayer.java, there is a possible serialization/deserialization mismatch... High Unreviewed
CVE-2018-9474 was published Nov 20, 2024
There exists a code execution vulnerability in the Car App Android Jetpack Library. In the... High Unreviewed
CVE-2024-10382 was published Nov 20, 2024
The Clone plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed
CVE-2024-10913 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Mark O’Donnell Team Rosters allows Object... Critical Unreviewed
CVE-2024-52439 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Modeltheme QRMenu Restaurant QR Menu Lite... High Unreviewed
CVE-2024-52445 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Bueno Labs Pvt. Ltd. Xpresslane Fast Checkout... Critical Unreviewed
CVE-2024-52440 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Nerijus Masikonis Geolocator allows Object... Critical Unreviewed
CVE-2024-52443 was published Nov 20, 2024
Pickle serialization vulnerable to Deserialization of Untrusted Data High
CVE-2023-23930 was published for vantage6 (pip) Oct 13, 2023
transmute-core unsafe YAML deserialization vulnerability Critical
CVE-2023-47204 was published for transmute-core (pip) Nov 2, 2023
josefkorbel r3kumar
Deserialization of Untrusted Data in dompdf/dompdf Critical
CVE-2021-3838 was published for dompdf/dompdf (Composer) Nov 15, 2024
FileManager Deserialization of Untrusted Data vulnerability High
CVE-2024-52306 was published for backpack/filemanager (Composer) Nov 13, 2024
catferq
Deserialization of Untrusted Data vulnerability in Apache HertzBeat. This vulnerability can only... High Unreviewed
CVE-2024-41151 was published Nov 18, 2024
Apache Seata Deserialization of Untrusted Data vulnerability Critical
CVE-2024-22399 was published for org.apache.seata:seata-core (Maven) Sep 16, 2024
LangChain pickle deserialization of untrusted data High
CVE-2024-5998 was published for langchain-community (pip) Sep 17, 2024
BarrensZeppelin
RDoc RCE vulnerability with .rdoc_options Low
CVE-2024-27281 was published for rdoc (RubyGems) Mar 25, 2024
Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows... Critical Unreviewed
CVE-2024-52432 was published Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection... Critical Unreviewed
CVE-2024-52430 was published Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free... Critical Unreviewed
CVE-2024-52433 was published Nov 18, 2024
Deserialization of Untrusted Data vulnerability in DMC Airin Blog allows Object Injection.This... Critical Unreviewed
CVE-2024-52413 was published Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu... Critical Unreviewed
CVE-2024-52414 was published Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Phan An AJAX Random Posts allows Object... Critical Unreviewed
CVE-2024-52409 was published Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Flowcraft UX Design Studio Advanced... Critical Unreviewed
CVE-2024-52411 was published Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Phoenixheart Referrer Detector allows Object... Critical Unreviewed
CVE-2024-52410 was published Nov 17, 2024
Deserialization of Untrusted Data vulnerability in Stephen Cui Xin allows Object Injection.This... Critical Unreviewed
CVE-2024-52412 was published Nov 17, 2024
A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to... Critical Unreviewed
CVE-2024-37285 was published Nov 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database