Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,760 advisories

Loading
The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress... Critical Unreviewed
CVE-2025-3439 was published Apr 11, 2025
Deserialization of untrusted data issue exists in BizRobo! all versions. If this vulnerability is... High Unreviewed
CVE-2025-31932 was published Apr 11, 2025
Deserialization of Untrusted Data vulnerability in magepeopleteam WpBookingly allows Object... Critical Unreviewed
CVE-2025-32607 was published Apr 11, 2025
Deserialization of Untrusted Data vulnerability in RealMag777 TableOn – WordPress Posts Table... Critical Unreviewed
CVE-2025-32569 was published Apr 11, 2025
Deserialization of Untrusted Data vulnerability in empik EmpikPlace for Woocommerce allows Object... Critical Unreviewed
CVE-2025-32568 was published Apr 11, 2025
Deserialization of Untrusted Data vulnerability in PickPlugins Job Board Manager allows Object... High Unreviewed
CVE-2025-32144 was published Apr 11, 2025
Deserialization of Untrusted Data vulnerability in PickPlugins Accordion allows Object Injection.... High Unreviewed
CVE-2025-32143 was published Apr 11, 2025
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently allows Object... High Unreviewed
CVE-2025-32145 was published Apr 10, 2025
BentoML's runner server Vulnerable to Remote Code Execution (RCE) via Insecure Deserialization Critical
CVE-2025-32375 was published for bentoml (pip) Apr 9, 2025
SeaW1nd
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of... High Unreviewed
CVE-2025-30285 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of... High Unreviewed
CVE-2025-30284 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of... Critical Unreviewed
CVE-2025-24447 was published Apr 8, 2025
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... High Unreviewed
CVE-2025-29793 was published Apr 8, 2025
Picklescan failed to detect to some unsafe global function in Numpy library Moderate
GHSA-fj43-3qmq-673f was published for picklescan (pip) Apr 7, 2025
SeaW1nd
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The... High Unreviewed
CVE-2025-3425 was published Apr 7, 2025
A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the... Moderate Unreviewed
CVE-2025-2251 was published Apr 7, 2025
Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of... High Unreviewed
CVE-2025-31175 was published Apr 7, 2025
BentoML Allows Remote Code Execution (RCE) via Insecure Deserialization Critical
CVE-2025-27520 was published for bentoml (pip) Apr 4, 2025
c2an1
A vulnerability, which was classified as problematic, has been found in elunez eladmin 2.7.... Moderate Unreviewed
CVE-2025-3250 was published Apr 4, 2025
A vulnerability in the sendMailFromRemoteSource method in Emails.php  as used in Bitdefender... Critical Unreviewed
CVE-2025-2244 was published Apr 4, 2025
LMDeploy Improper Input Validation Vulnerability Moderate
CVE-2025-3162 was published for lmdeploy (pip) Apr 3, 2025
Deserialization of Untrusted Data vulnerability in PickPlugins Testimonial Slider allows Object... High Unreviewed
CVE-2025-30889 was published Apr 3, 2025
Deserialization of Untrusted Data vulnerability in Sabuj Kundu CBX Poll allows Object Injection.... Critical Unreviewed
CVE-2025-31612 was published Apr 1, 2025
Deserialization of Untrusted Data vulnerability in magepeopleteam WpTravelly allows Object... High Unreviewed
CVE-2025-30892 was published Apr 1, 2025
jooby-pac4j: deserialization of untrusted data High
CVE-2025-31129 was published for io.jooby:jooby-pac4j (Maven) Apr 1, 2025
cwm1123
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database