GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,255
Composer 4,632
Erlang 34
GitHub Actions 25
Go 2,238
Maven 5,484
npm 3,900
NuGet 701
pip 3,666
Pub 12
RubyGems 914
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 252,418

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,084 advisories

Filter by severity

Sort by

Least recently updated

Deserialization of Untrusted Data vulnerability in silverplugins217 Multiple Shipping And Billing... Critical Unreviewed

CVE-2025-31087 was published Apr 1, 2025

Untrusted data deserialization vulnerability exists in a-blog cms. Processing a specially crafted... High Unreviewed

CVE-2025-31103 was published Mar 31, 2025

Deserialization of Untrusted Data vulnerability in NotFound PHP/MySQL CPU performance statistics... Critical Unreviewed

CVE-2025-22526 was published Mar 28, 2025

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-2485 was published Mar 28, 2025

Deserialization of Untrusted Data vulnerability in Shinetheme Traveler.This issue affects... Critical Unreviewed

CVE-2025-26873 was published Mar 28, 2025

Deserialization of Untrusted Data vulnerability in Cozmoslabs TranslatePress allows Object... High Unreviewed

CVE-2025-30773 was published Mar 27, 2025

The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to PHP... Critical Unreviewed

CVE-2025-2332 was published Mar 27, 2025

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress... High Unreviewed

CVE-2025-1913 was published Mar 26, 2025

The WordPress Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions... High Unreviewed

CVE-2024-13889 was published Mar 26, 2025

An issue in onos v2.7.0 allows attackers to trigger a packet deserialization problem when... Critical Unreviewed

CVE-2025-29310 was published Mar 24, 2025

A vulnerability, which was classified as critical, was found in yiisoft Yii2 up to 2.0.39. This... Moderate Unreviewed

CVE-2025-2690 was published Mar 24, 2025

The Export and Import Users and Customers plugin for WordPress is vulnerable to PHP Object... High Unreviewed

CVE-2025-1971 was published Mar 22, 2025

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to PHP... High Unreviewed

CVE-2025-0724 was published Mar 22, 2025

A vulnerability allowing remote code execution (RCE) for domain users. Critical Unreviewed

CVE-2025-23120 was published Mar 20, 2025

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed

CVE-2024-13921 was published Mar 20, 2025

A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC... Critical Unreviewed

CVE-2024-12433 was published Mar 20, 2025

A remote code execution vulnerability exists in open-mmlab/mmdetection version v3.3.0. The... Critical Unreviewed

CVE-2024-12044 was published Mar 20, 2025

A pickle deserialization vulnerability exists in the Latex English error correction plug-in... High Unreviewed

CVE-2024-11039 was published Mar 20, 2025

The CozyStay and TinySalt plugins for WordPress are vulnerable to PHP Object Injection in all... Critical Unreviewed

CVE-2024-13410 was published Mar 19, 2025

Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager... High Unreviewed

CVE-2025-26921 was published Mar 16, 2025

The CiyaShop - Multipurpose WooCommerce Theme theme for WordPress is vulnerable to PHP Object... Critical Unreviewed

CVE-2024-13824 was published Mar 14, 2025

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to PHP Object Injection... High Unreviewed

CVE-2024-10942 was published Mar 13, 2025

Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input. High Unreviewed

CVE-2025-27925 was published Mar 11, 2025

VisiCut 2.1 allows code execution via Insecure XML Deserialization in the loadPlfFile method of... Critical Unreviewed

CVE-2025-25940 was published Mar 10, 2025

The Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress plugin for... High Unreviewed

CVE-2024-13906 was published Mar 7, 2025

Previous 1 2 3 4 5 … 43 44 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,084 advisories