GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
457 advisories
The Easy WP SMTP WordPress plugin before 1.5.0 unserialises the content of an imported file,...
High · Unreviewed · CVE-2022-3334 was published Oct 31, 2022

The LearnPress WordPress plugin before 4.1.7.2 unserialises user input in a REST API endpoint...
High · Unreviewed · CVE-2022-3360 was published Oct 31, 2022

The Smart Slider 3 WordPress plugin before 3.5.1.11 unserialises the content of an imported file,...
High · Unreviewed · CVE-2022-3357 was published Oct 31, 2022

The PublishPress Capabilities WordPress plugin before 2.5.2, PublishPress Capabilities Pro...
High · Unreviewed · CVE-2022-3366 was published Oct 31, 2022

A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. An...
High · Unreviewed · CVE-2022-40238 was published Oct 26, 2022

The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 unserialises the content of...
High · Unreviewed · CVE-2022-3335 was published Oct 25, 2022

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability...
High · Unreviewed · CVE-2022-38108 was published Oct 21, 2022

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability...
High · Unreviewed · CVE-2022-36957 was published Oct 21, 2022

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability...
High · Unreviewed · CVE-2022-36958 was published Oct 21, 2022

A deserialization of untrusted data vulnerability was identified in GitHub Enterprise Server that...
High · Unreviewed · CVE-2022-23734 was published Oct 19, 2022

An Improper Input Validation vulnerability in the J-Web component of Juniper Networks Junos OS...
High · Unreviewed · CVE-2022-22241 was published Oct 18, 2022

In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could...
High · Unreviewed · CVE-2022-26472 was published Oct 8, 2022

In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This...
High · Unreviewed · CVE-2022-26471 was published Oct 8, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability.
High · Unreviewed · CVE-2022-41082 was published Oct 4, 2022

The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an...
High · Unreviewed · CVE-2022-2903 was published Sep 27, 2022

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to deserialization of...
High · Unreviewed · CVE-2022-2442 was published Sep 7, 2022

The Broken Link Checker plugin for WordPress is vulnerable to deserialization of untrusted input...
High · Unreviewed · CVE-2022-2438 was published Sep 7, 2022

The Download Manager plugin for WordPress is vulnerable to deserialization of untrusted input via...
High · Unreviewed · CVE-2022-2436 was published Sep 7, 2022

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to...
High · Unreviewed · CVE-2022-2433 was published Sep 7, 2022

The String Locator plugin for WordPress is vulnerable to deserialization of untrusted input via...
High · Unreviewed · CVE-2022-2434 was published Sep 7, 2022

Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a...
High · Unreviewed · CVE-2022-2465 was published Aug 26, 2022

An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment...
High · Unreviewed · CVE-2022-36119 was published Aug 26, 2022

It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift...
High · Unreviewed · CVE-2021-4125 was published Aug 25, 2022

A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an...
High · Unreviewed · CVE-2022-2886 was published Aug 20, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High · Unreviewed · CVE-2022-28684 was published Aug 4, 2022