Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,632
Erlang
34
GitHub Actions
25
Go
2,228
Maven
5,000+
npm
3,895
NuGet
701
pip
3,661
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

167 advisories

Loading
Subnet Solutions PowerSYSTEM Center is affected by a mishandling of exceptional conditions... Moderate Unreviewed
CVE-2025-31935 was published Apr 11, 2025
Picklescan failed to detect to some unsafe global function in Numpy library Moderate
GHSA-fj43-3qmq-673f was published for picklescan (pip) Apr 7, 2025
SeaW1nd
A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the... Moderate Unreviewed
CVE-2025-2251 was published Apr 7, 2025
Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization... Moderate Unreviewed
CVE-2025-27130 was published Apr 1, 2025
yiisoft Yii2 Deserialization of Untrusted Data Moderate
CVE-2025-2689 was published for yiisoft/yii2-dev (Composer) Mar 24, 2025
A vulnerability, which was classified as critical, was found in yiisoft Yii2 up to 2.0.39. This... Moderate Unreviewed
CVE-2025-2690 was published Mar 24, 2025
aizuda snail-job Vulnerable to Deserialization via `nodeExpression` Argument Moderate
CVE-2025-2622 was published for com.aizuda:snail-job (Maven) Mar 22, 2025
PixelYourSite - Your smart PIXEL (TAG) and API Manager 10.1.1.1 was found to be vulnerable.... Moderate Unreviewed
CVE-2025-0769 was published Feb 28, 2025
WP Activity Log 5.3.2 was found to be vulnerable. Unvalidated user input is used directly in an... Moderate Unreviewed
CVE-2025-0767 was published Feb 27, 2025
A vulnerability was found in dayrui XunRuiCMS up to 4.6.4. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-1186 was published Feb 12, 2025
A vulnerability was found in dayrui XunRuiCMS 4.6.3. It has been classified as critical. Affected... Moderate Unreviewed
CVE-2025-1177 was published Feb 11, 2025
Utilization of a module presented a security risk by allowing the deserialization of untrusted... Moderate Unreviewed
CVE-2021-27017 was published Feb 7, 2025
snowflake-connector-python vulnerable to insecure deserialization of the OCSP response cache Moderate
CVE-2025-24794 was published for snowflake-connector-python (pip) Jan 29, 2025
NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a... Moderate Unreviewed
CVE-2024-0140 was published Jan 28, 2025
Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders Moderate
CVE-2024-56515 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
Deserialization of Untrusted Data vulnerability in Drupal Mailjet allows Object Injection.This... Moderate Unreviewed
CVE-2024-13296 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Node export allows Object Injection... Moderate Unreviewed
CVE-2024-13295 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Eloqua allows Object Injection.This... Moderate Unreviewed
CVE-2024-13297 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection... Moderate Unreviewed
CVE-2024-13288 was published Jan 9, 2025
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-13136 was published Jan 5, 2025
Limited remote code execution with privilege of a NetworkService Account access in Citrix Session... Moderate Unreviewed
CVE-2024-8069 was published Nov 12, 2024
The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in... Moderate Unreviewed
CVE-2021-4451 was published Oct 16, 2024
A Potential DOS Vulnerability exists in CERT VINCE software prior to version 3.0.8. An... Moderate Unreviewed
CVE-2024-9953 was published Oct 15, 2024
A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects... Moderate Unreviewed
CVE-2024-9917 was published Oct 13, 2024
Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. Moderate
CVE-2024-45772 was published for org.apache.lucene:lucene-replicator (Maven) Sep 30, 2024
streichsbaer
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database