Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

146 advisories

Loading
In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe... Moderate Unreviewed
CVE-2023-21209 was published Jun 28, 2023
Apache Johnzon Deserialization of Untrusted Data vulnerability Moderate
CVE-2023-33008 was published for org.apache.johnzon:johnzon-mapper (Maven) Jul 7, 2023
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1... Moderate Unreviewed
CVE-2023-24971 was published Jul 31, 2023
Apache Superset Deserialization of Untrusted Data vulnerability Moderate
CVE-2023-37941 was published for apache-superset (pip) Sep 6, 2023
Drools Core Deserialization of Untrusted Data vulnerability Moderate
CVE-2022-1415 was published for org.drools:drools-core (Maven) Sep 11, 2023
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue... Moderate Unreviewed
CVE-2023-32665 was published Sep 14, 2023
A vulnerability was found in spider-flow up to 0.5.0. It has been declared as critical. Affected... Moderate Unreviewed
CVE-2023-5016 was published Sep 17, 2023
In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for... Moderate Unreviewed
CVE-2023-34050 was published Oct 19, 2023
In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe... Moderate Unreviewed
CVE-2023-40121 was published Oct 27, 2023
Elasticsearch-hadoop Unsafe Deserialization Moderate
CVE-2023-46674 was published for org.elasticsearch:elasticsearch-hadoop (Maven) Dec 5, 2023
PHPEMS Deserialization of Untrusted Data vulnerability Moderate
CVE-2023-6654 was published for phpems/phpems (Composer) Dec 10, 2023
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res... Moderate Unreviewed
CVE-2023-6656 was published Dec 10, 2023
Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for... Moderate Unreviewed
CVE-2023-46154 was published Dec 19, 2023
Deserialization of Untrusted Data vulnerability in weDevs Dokan – Best WooCommerce Multivendor... Moderate Unreviewed
CVE-2023-34382 was published Dec 19, 2023
Deserialization of Untrusted Data vulnerability in File Manager by Bit Form Team File Manager –... Moderate Unreviewed
CVE-2022-47599 was published Dec 20, 2023
Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue... Moderate Unreviewed
CVE-2023-36381 was published Dec 28, 2023
A vulnerability, which was classified as critical, has been found in fhs-opensource iparking 1.5... Moderate Unreviewed
CVE-2024-0302 was published Jan 8, 2024
A vulnerability, which was classified as problematic, was found in DeepFaceLab pretrained DF.wf... Moderate Unreviewed
CVE-2024-0654 was published Jan 18, 2024
Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership... Moderate Unreviewed
CVE-2022-45083 was published Jan 19, 2024
Deserialization of Untrusted Data vulnerability in Nextend Smart Slider 3.This issue affects... Moderate Unreviewed
CVE-2022-45845 was published Jan 19, 2024
ai-flow Deserialization of Untrusted Data vulnerability Moderate
CVE-2024-0960 was published for ai-flow (pip) Jan 27, 2024
A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical.... Moderate Unreviewed
CVE-2024-0959 was published Jan 27, 2024
A vulnerability, which was classified as critical, was found in openBI up to 6.0.3. Affected is... Moderate Unreviewed
CVE-2024-1198 was published Feb 3, 2024
The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all... Moderate Unreviewed
CVE-2024-0668 was published Feb 6, 2024
A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. Affected... Moderate Unreviewed
CVE-2024-1353 was published Feb 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database