GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
640 advisories
The Jetpack CRM plugin for WordPress is vulnerable to PHAR deserialization via the ‘zbscrmcsvimpf...
High
Unreviewed
CVE-2022-3342 was published Oct 20, 2023

VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with...
High
Unreviewed
CVE-2023-34052 was published Oct 20, 2023

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-35186 was published Oct 19, 2023

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-35180 was published Oct 19, 2023

The Weaver Xtreme Theme Support WordPress plugin before 6.3.1 unserialises the content of an...
High
Unreviewed
CVE-2023-4971 was published Oct 16, 2023

The Enable Media Replace WordPress plugin before 4.1.3 unserializes user input via the Remove...
High
Unreviewed
CVE-2023-4643 was published Oct 16, 2023

The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to PHAR Deserialization...
High
Unreviewed
CVE-2023-3154 was published Oct 16, 2023

The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the...
High
Unreviewed
CVE-2023-3392 was published Oct 16, 2023

A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows attackers to execute...
High
Unreviewed
CVE-2023-43176 was published Oct 3, 2023

Deyue Remote Vehicle Management System v1.1 was discovered to contain a deserialization...
High
Unreviewed
CVE-2023-43268 was published Oct 2, 2023

Unsafe deserialization of untrusted JSON allows execution of arbitrary code on affected releases...
High
Unreviewed
CVE-2023-5183 was published Sep 27, 2023

In WS_FTP Server version 8.7.0 prior to 8.7.4 and version 8.8.0 prior to 8.8.2, a pre...
High
Unreviewed
CVE-2023-40044 was published Sep 27, 2023

In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to...
High
Unreviewed
CVE-2023-35669 was published Sep 11, 2023

The wpDataTables WordPress plugin before 2.1.66 does not validate the "Serialized PHP array"...
High
Unreviewed
CVE-2023-4314 was published Sep 11, 2023

Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS...
High
Unreviewed
CVE-2023-4528 was published Sep 7, 2023

Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of...
High
Unreviewed
CVE-2023-28072 was published Sep 4, 2023

Deserialization vulnerability in the input module. Successful exploitation of this vulnerability...
High
Unreviewed
CVE-2023-39396 was published Aug 13, 2023

Deserialization of Untrusted Data vulnerability in yolo 3 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2021-31681 was published Jul 31, 2023

Deserialization of Untrusted Data vulnerability in yolo 5 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2021-31680 was published Jul 31, 2023

A vulnerability exists by allowing low-privileged users to read and update the data in various...
High
Unreviewed
CVE-2023-3324 was published Jul 24, 2023

Controller DoS may occur due to buffer overflow when an error is generated in response to a...
High
Unreviewed
CVE-2023-25770 was published Jul 13, 2023

The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up...
High
Unreviewed
CVE-2023-3343 was published Jul 13, 2023

Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious...
High
Unreviewed
CVE-2023-20888 was published Jul 6, 2023

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including...
High
Unreviewed
CVE-2022-4815 was published Jul 6, 2023

ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with...
High
Unreviewed
CVE-2023-1552 was published Jul 6, 2023