GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,255
Composer 4,632
Erlang 34
GitHub Actions 25
Go 2,238
Maven 5,484
npm 3,900
NuGet 701
pip 3,666
Pub 12
RubyGems 914
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 252,411

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

449 advisories

Filter by severity

Sort by

Least recently updated

Deserialization of Untrusted Data vulnerability in NotFound GNUCommerce allows Object Injection.... Critical Unreviewed

CVE-2025-30985 was published Apr 15, 2025

The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress... Critical Unreviewed

CVE-2025-3439 was published Apr 11, 2025

Deserialization of Untrusted Data vulnerability in magepeopleteam WpBookingly allows Object... Critical Unreviewed

CVE-2025-32607 was published Apr 11, 2025

Deserialization of Untrusted Data vulnerability in empik EmpikPlace for Woocommerce allows Object... Critical Unreviewed

CVE-2025-32568 was published Apr 11, 2025

Deserialization of Untrusted Data vulnerability in RealMag777 TableOn – WordPress Posts Table... Critical Unreviewed

CVE-2025-32569 was published Apr 11, 2025

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of... Critical Unreviewed

CVE-2025-24447 was published Apr 8, 2025

A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender... Critical Unreviewed

CVE-2025-2244 was published Apr 4, 2025

Deserialization of Untrusted Data vulnerability in Sabuj Kundu CBX Poll allows Object Injection.... Critical Unreviewed

CVE-2025-31612 was published Apr 1, 2025

Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart allows... Critical Unreviewed

CVE-2025-31084 was published Apr 1, 2025

Deserialization of Untrusted Data vulnerability in silverplugins217 Multiple Shipping And Billing... Critical Unreviewed

CVE-2025-31087 was published Apr 1, 2025

Deserialization of Untrusted Data vulnerability in NotFound PHP/MySQL CPU performance statistics... Critical Unreviewed

CVE-2025-22526 was published Mar 28, 2025

Deserialization of Untrusted Data vulnerability in Shinetheme Traveler.This issue affects... Critical Unreviewed

CVE-2025-26873 was published Mar 28, 2025

The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to PHP... Critical Unreviewed

CVE-2025-2332 was published Mar 27, 2025

An issue in onos v2.7.0 allows attackers to trigger a packet deserialization problem when... Critical Unreviewed

CVE-2025-29310 was published Mar 24, 2025

A vulnerability allowing remote code execution (RCE) for domain users. Critical Unreviewed

CVE-2025-23120 was published Mar 20, 2025

A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC... Critical Unreviewed

CVE-2024-12433 was published Mar 20, 2025

A remote code execution vulnerability exists in open-mmlab/mmdetection version v3.3.0. The... Critical Unreviewed

CVE-2024-12044 was published Mar 20, 2025

The CozyStay and TinySalt plugins for WordPress are vulnerable to PHP Object Injection in all... Critical Unreviewed

CVE-2024-13410 was published Mar 19, 2025

The CiyaShop - Multipurpose WooCommerce Theme theme for WordPress is vulnerable to PHP Object... Critical Unreviewed

CVE-2024-13824 was published Mar 14, 2025

VisiCut 2.1 allows code execution via Insecure XML Deserialization in the loadPlfFile method of... Critical Unreviewed

CVE-2025-25940 was published Mar 10, 2025

A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting... Critical Unreviewed

CVE-2025-27816 was published Mar 7, 2025

The VEDA - MultiPurpose WordPress Theme theme for WordPress is vulnerable to PHP Object Injection... Critical Unreviewed

CVE-2024-13787 was published Mar 5, 2025

The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection in all versions... Critical Unreviewed

CVE-2025-0912 was published Mar 4, 2025

Deserialization of Untrusted Data vulnerability in flexmls Flexmls® IDX allows Object Injection.... Critical Unreviewed

CVE-2025-26900 was published Feb 25, 2025

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider... Critical Unreviewed

CVE-2025-26763 was published Feb 22, 2025

Previous 1 2 3 4 5 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

449 advisories