Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

413 advisories

Loading
The Slider Revolution WordPress plugin before 6.6.19 does not prevent users with at least the... High Unreviewed
CVE-2023-6528 was published Jan 8, 2024
Deserialization of Untrusted Data vulnerability in GiveWP GiveWP – Donation Plugin and... High Unreviewed
CVE-2023-32513 was published Dec 28, 2023
Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects... High Unreviewed
CVE-2023-32795 was published Dec 28, 2023
Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper,... High Unreviewed
CVE-2023-49826 was published Dec 21, 2023
Deserialization of Untrusted Data vulnerability in Rocketgenius Inc. Gravity Forms.This issue... High Unreviewed
CVE-2023-28782 was published Dec 20, 2023
Deserialization of Untrusted Data vulnerability in Themify Themify Ultra.This issue affects... High Unreviewed
CVE-2023-46147 was published Dec 20, 2023
Deserialization of Untrusted Data vulnerability in UX-themes Flatsome | Multi-Purpose Responsive... High Unreviewed
CVE-2023-40555 was published Dec 20, 2023
Deserialization of Untrusted Data vulnerability in Master Slider Master Slider Pro.This issue... High Unreviewed
CVE-2023-47507 was published Dec 20, 2023
Deserialization of Untrusted Data vulnerability in Rajnish Arora Recently Viewed Products.This... High Unreviewed
CVE-2023-34027 was published Dec 19, 2023
Deserialization of Untrusted Data vulnerability in Themesflat Themesflat Addons For Elementor... High Unreviewed
CVE-2023-37390 was published Dec 19, 2023
Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured... High Unreviewed
CVE-2023-49819 was published Dec 19, 2023
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an... High Unreviewed
CVE-2023-45185 was published Dec 14, 2023
A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This... High Unreviewed
CVE-2023-6580 was published Dec 8, 2023
An issue in the box_deserialize_reusing function in openlink virtuoso-opensource v7.2.11 allows... High Unreviewed
CVE-2023-48952 was published Nov 29, 2023
Unsafe variable extraction in bitrix/modules/main/classes/general/user_options.php in Bitrix24 22... High Unreviewed
CVE-2023-1714 was published Nov 1, 2023
The WP Simple Galleries plugin for WordPress is vulnerable to PHP Object Injection in versions up... High Unreviewed
CVE-2023-5583 was published Oct 30, 2023
The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to... High Unreviewed
CVE-2023-4386 was published Oct 20, 2023
The Jetpack CRM plugin for WordPress is vulnerable to PHAR deserialization via the ‘zbscrmcsvimpf... High Unreviewed
CVE-2022-3342 was published Oct 20, 2023
VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with... High Unreviewed
CVE-2023-34052 was published Oct 20, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-35186 was published Oct 19, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-35180 was published Oct 19, 2023
The Weaver Xtreme Theme Support WordPress plugin before 6.3.1 unserialises the content of an... High Unreviewed
CVE-2023-4971 was published Oct 16, 2023
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to PHAR Deserialization... High Unreviewed
CVE-2023-3154 was published Oct 16, 2023
The Enable Media Replace WordPress plugin before 4.1.3 unserializes user input via the Remove... High Unreviewed
CVE-2023-4643 was published Oct 16, 2023
The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the... High Unreviewed
CVE-2023-3392 was published Oct 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database