Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,908 advisories

Loading
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently allows Object... High Unreviewed
CVE-2025-54742 was published Aug 28, 2025
Deserialization of Untrusted Data vulnerability in emarket-design WP Ticket Customer Service... High Unreviewed
CVE-2025-53584 was published Aug 28, 2025
Deserialization of Untrusted Data vulnerability in emarket-design Employee Directory – Staff... High Unreviewed
CVE-2025-53243 was published Aug 28, 2025
Deserialization of Untrusted Data vulnerability in manfcarlo WP Funnel Manager allows Object... Critical Unreviewed
CVE-2025-52761 was published Aug 28, 2025
H3C Intelligent Management Center (IMC) versions up to and including E0632H07 contains a remote... Critical Unreviewed
CVE-2024-13980 was published Aug 28, 2025
Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS... High Unreviewed
CVE-2025-58218 was published Aug 27, 2025
Adminer PHP Object Injection issue leads to Denial of Service High
CVE-2025-43960 was published for vrana/adminer (Composer) Aug 25, 2025
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 deserializes user... Critical Unreviewed
CVE-2022-45134 was published Aug 22, 2025
OperaMasks SDK ELite Script Engine v0.5.0 was discovered to contain a deserialization vulnerability. High Unreviewed
CVE-2025-52287 was published Aug 22, 2025
vLLM has remote code execution vulnerability in the tool call parser for Qwen3-Coder High
CVE-2025-9141 was published for vllm (pip) Aug 21, 2025
levigross russellb
CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code... High Unreviewed
CVE-2025-54923 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in QuanticaLabs MediCenter - Health Medical... Critical Unreviewed
CVE-2025-54014 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in PickPlugins Post Grid and Gutenberg Blocks... High Unreviewed
CVE-2025-54007 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in Adrian Tobey Groundhogg allows Object... Moderate Unreviewed
CVE-2025-54053 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in nanbu Welcart e-Commerce allows Object... High Unreviewed
CVE-2025-54012 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in Max Chirkov Simple Login Log allows Object... High Unreviewed
CVE-2025-49438 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in rascals Noisa allows Object Injection. This... High Unreviewed
CVE-2025-53560 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in ThemeMakers ThemeMakers Visual Content... Critical Unreviewed
CVE-2025-53299 was published Aug 20, 2025
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed
CVE-2025-8289 was published Aug 20, 2025
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in... High Unreviewed
CVE-2025-8145 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of... Critical Unreviewed
CVE-2025-8875 was published Aug 14, 2025
Deserialization of Untrusted Data vulnerability in scriptsbundle Exertio allows Object Injection.... Critical Unreviewed
CVE-2025-54686 was published Aug 14, 2025
Deserialization of Untrusted Data vulnerability in Arraytics Eventin allows Object Injection.... High Unreviewed
CVE-2025-49869 was published Aug 14, 2025
Deserialization of Untrusted Data vulnerability in keywordrush Content Egg allows Object... High Unreviewed
CVE-2025-47536 was published Aug 14, 2025
NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a... High Unreviewed
CVE-2025-23303 was published Aug 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database