GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+
1,524 advisories
Filter by severity
Utilization of a module presented a security risk by allowing the deserialization of untrusted...
Moderate
Unreviewed
CVE-2021-27017
was published
Feb 7, 2025
The WP All Import Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions...
High
Unreviewed
CVE-2024-9664
was published
Feb 7, 2025
Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to...
High
Unreviewed
CVE-2025-0994
was published
Feb 6, 2025
A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute...
Critical
Unreviewed
CVE-2025-20124
was published
Feb 5, 2025
Deserialization of Untrusted Data vulnerability in MagePeople Team Taxi Booking Manager for...
Critical
Unreviewed
CVE-2025-24661
was published
Feb 3, 2025
The iControlWP – Multiple WordPress Site Manager plugin for WordPress is vulnerable to PHP Object...
Critical
Unreviewed
CVE-2024-13742
was published
Jan 30, 2025
snowflake-connector-python vulnerable to insecure deserialization of the OCSP response cache
Moderate
CVE-2025-24794
was published
for
snowflake-connector-python
(pip)
Jan 29, 2025
NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a...
Moderate
Unreviewed
CVE-2024-0140
was published
Jan 28, 2025
vllm: Malicious model to RCE by torch.load in hf_model_weights_iterator
High
CVE-2025-24357
was published
for
vllm
(pip)
Jan 27, 2025
Deserialization of Untrusted Data vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows...
Critical
Unreviewed
CVE-2025-24671
was published
Jan 27, 2025
Deserialization of Untrusted Data vulnerability in ThimPress FundPress allows Object Injection....
Critical
Unreviewed
CVE-2025-24601
was published
Jan 27, 2025
The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object...
High
Unreviewed
CVE-2024-12600
was published
Jan 25, 2025
Pre-authentication deserialization of untrusted data vulnerability has been identified in the...
Critical
Unreviewed
CVE-2025-23006
was published
Jan 23, 2025
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2...
High
Unreviewed
CVE-2024-31903
was published
Jan 22, 2025
Deserialization of Untrusted Data vulnerability in NotFound Muzaara Google Ads Report allows...
Critical
Unreviewed
CVE-2025-23914
was published
Jan 22, 2025
Deserialization of Untrusted Data vulnerability in NotFound Quick Count allows Object Injection....
Critical
Unreviewed
CVE-2025-23932
was published
Jan 22, 2025
Deserialization of Untrusted Data vulnerability in WOOEXIM.COM WOOEXIM allows Object Injection....
High
Unreviewed
CVE-2025-23944
was published
Jan 22, 2025
The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in...
High
Unreviewed
CVE-2025-0428
was published
Jan 22, 2025
The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in...
High
Unreviewed
CVE-2025-0429
was published
Jan 22, 2025
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to...
High
Unreviewed
CVE-2024-49744
was published
Jan 22, 2025
Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This...
Critical
Unreviewed
CVE-2024-49688
was published
Jan 21, 2025
Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This...
High
Unreviewed
CVE-2024-49699
was published
Jan 21, 2025
The String locator plugin for WordPress is vulnerable to PHP Object Injection in all versions up...
High
Unreviewed
CVE-2024-10936
was published
Jan 21, 2025
The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote...
High
Unreviewed
CVE-2025-0586
was published
Jan 20, 2025
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of...
High
Unreviewed
CVE-2024-12703
was published
Jan 17, 2025
ProTip!
Advisories are also available from the
GraphQL API