Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,632
Erlang
34
GitHub Actions
25
Go
2,228
Maven
5,000+
npm
3,895
NuGet
701
pip
3,661
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,644 advisories

Loading
jackson-databind vulnerable to unsafe deserialization High
CVE-2020-10650 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jul 15, 2022
The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote... High Unreviewed
CVE-2016-7065 was published May 17, 2022
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x... High Unreviewed
CVE-2016-4385 was published May 14, 2022
TYPO3 allows remote authenticated backend users to unserialize arbitrary objects Moderate
CVE-2012-3527 was published for typo3/cms (Composer) May 17, 2022
Subnet Solutions PowerSYSTEM Center is affected by a mishandling of exceptional conditions... Moderate Unreviewed
CVE-2025-31935 was published Apr 11, 2025
The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress... Critical Unreviewed
CVE-2025-3439 was published Apr 11, 2025
Deserialization of untrusted data issue exists in BizRobo! all versions. If this vulnerability is... High Unreviewed
CVE-2025-31932 was published Apr 11, 2025
Deserialization of Untrusted Data vulnerability in RealMag777 TableOn – WordPress Posts Table... Critical Unreviewed
CVE-2025-32569 was published Apr 11, 2025
Deserialization of Untrusted Data vulnerability in empik EmpikPlace for Woocommerce allows Object... Critical Unreviewed
CVE-2025-32568 was published Apr 11, 2025
Deserialization of Untrusted Data vulnerability in magepeopleteam WpBookingly allows Object... Critical Unreviewed
CVE-2025-32607 was published Apr 11, 2025
Deserialization of Untrusted Data vulnerability in PickPlugins Accordion allows Object Injection.... High Unreviewed
CVE-2025-32143 was published Apr 11, 2025
Deserialization of Untrusted Data vulnerability in PickPlugins Job Board Manager allows Object... High Unreviewed
CVE-2025-32144 was published Apr 11, 2025
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The... High Unreviewed
CVE-2025-3425 was published Apr 7, 2025
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently allows Object... High Unreviewed
CVE-2025-32145 was published Apr 10, 2025
BentoML's runner server Vulnerable to Remote Code Execution (RCE) via Insecure Deserialization Critical
CVE-2025-32375 was published for bentoml (pip) Apr 9, 2025
SeaW1nd
snowflake-connector-python vulnerable to insecure deserialization of the OCSP response cache Moderate
CVE-2025-24794 was published for snowflake-connector-python (pip) Jan 29, 2025
vLLM deserialization vulnerability in vllm.distributed.GroupCoordinator.recv_object Critical
CVE-2024-9052 was published for vllm (pip) Mar 20, 2025
russellb
The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-1950 was published Mar 13, 2024
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of... High Unreviewed
CVE-2025-30285 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of... High Unreviewed
CVE-2025-30284 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of... Critical Unreviewed
CVE-2025-24447 was published Apr 8, 2025
Deserialization of Untrusted Data vulnerability in WP Sunshine Sunshine Photo Cart.This issue... Moderate Unreviewed
CVE-2024-30221 was published Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX.This issue affects... Critical Unreviewed
CVE-2024-30224 was published Mar 28, 2024
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... High Unreviewed
CVE-2025-29793 was published Apr 8, 2025
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For... High Unreviewed
CVE-2024-30230 was published Mar 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database