Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,368
Maven
5,000+
npm
3,988
NuGet
720
pip
3,779
Pub
12
RubyGems
926
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

762 advisories

Loading
Apache Seata Vulnerable to Deserialization of Untrusted Data Critical
CVE-2025-32897 was published for org.apache.seata:seata-config-core (Maven) Jun 28, 2025
oscerd
Deserialization of Untrusted Data vulnerability in wpeverest Everest Forms allows Object... Critical Unreviewed
CVE-2025-52709 was published Jun 27, 2025
Deserialization of Untrusted Data vulnerability in BoldThemes Amwerk allows Object Injection.... Critical Unreviewed
CVE-2025-52724 was published Jun 27, 2025
Deserialization of Untrusted Data vulnerability in pebas CouponXxL allows Object Injection. This... Critical Unreviewed
CVE-2025-52725 was published Jun 27, 2025
Deserialization of Untrusted Data vulnerability in pep.vn WP Optimize By xTraffic allows Object... Critical Unreviewed
CVE-2025-28970 was published Jun 27, 2025
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2025-36038 was published Jun 26, 2025
Kaleris NAVIS N4 ULC (Ultra Light Client) contains an unsafe Java deserialization vulnerability.... Critical Unreviewed
CVE-2025-2566 was published Jun 24, 2025
A PHP object injection vulnerability exists in SugarCRM versions prior to 6.5.24, 6.7.13, 7.5.2.5... Critical Unreviewed
CVE-2025-25034 was published Jun 20, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks Integration for Contact Form 7 and... Critical Unreviewed
CVE-2025-49330 was published Jun 17, 2025
Deserialization of Untrusted Data vulnerability in yuliaz Rapyd Payment Extension for WooCommerce... Critical Unreviewed
CVE-2025-30618 was published Jun 17, 2025
Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This... Critical Unreviewed
CVE-2025-31919 was published Jun 17, 2025
Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay allows Object Injection... Critical Unreviewed
CVE-2025-49507 was published Jun 10, 2025
Deserialization of Untrusted Data vulnerability in LoftOcean TinySalt allows Object Injection... Critical Unreviewed
CVE-2025-49455 was published Jun 10, 2025
Deserialization of Untrusted Data vulnerability in themeton PIMP - Creative MultiPurpose allows... Critical Unreviewed
CVE-2025-31398 was published Jun 9, 2025
Deserialization of Untrusted Data vulnerability in themeton The Fashion - Model Agency One Page... Critical Unreviewed
CVE-2025-31052 was published Jun 9, 2025
Deserialization of Untrusted Data vulnerability in themeton PressGrid - Frontend Publish Reaction... Critical Unreviewed
CVE-2025-31429 was published Jun 9, 2025
Deserialization of Untrusted Data vulnerability in themeton FLAP - Business WordPress Theme... Critical Unreviewed
CVE-2025-31396 was published Jun 9, 2025
Deserialization of Untrusted Data vulnerability in Axiomthemes Sweet Dessert allows Object... Critical Unreviewed
CVE-2025-49073 was published Jun 6, 2025
Deserialization of Untrusted Data vulnerability in AncoraThemes Mr. Murphy allows Object... Critical Unreviewed
CVE-2025-49072 was published Jun 6, 2025
laravel-auth0 SDK Deserialization of Untrusted Data vulnerability Critical
GHSA-c42h-56wx-h85q was published for auth0/login (Composer) Jun 6, 2025
A deserialization of untrusted data vulnerability in the download file function of Soar Cloud HRD... Critical Unreviewed
CVE-2025-48780 was published Jun 6, 2025
Auth0 Symfony SDK Deserialization of Untrusted Data vulnerability Critical
GHSA-98j6-67v3-mw34 was published for auth0/symfony (Composer) Jun 6, 2025
Auth0 Wordpress Plugin vulnerable to Deserialization of Untrusted Data Critical
GHSA-862m-5253-832r was published for auth0/wordpress (Composer) Jun 5, 2025
Auth0-PHP SDK Deserialization of Untrusted Data vulnerability Critical
CVE-2025-48951 was published for auth0/auth0-php (Composer) Jun 4, 2025
A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020... Critical Unreviewed
CVE-2025-5086 was published Jun 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database