Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,747
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

456 advisories

Loading
An issue was discovered in CMS Made Simple 2.2.8. In the module FrontEndUsers (in the file class... High Unreviewed
CVE-2019-9056 was published May 13, 2022
An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager (in the file action... High Unreviewed
CVE-2019-9061 was published May 13, 2022
An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to... High Unreviewed
CVE-2019-9057 was published May 13, 2022
A potential Remote Arbitrary Code Execution vulnerability has been identified in Micro Focus'... High Unreviewed
CVE-2018-18589 was published May 13, 2022
An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php contains an unserialize... High Unreviewed
CVE-2018-15576 was published May 13, 2022
** DISPUTED ** The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2... High Unreviewed
CVE-2017-8804 was published May 13, 2022
A serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740 allows... High Unreviewed
CVE-2018-16364 was published May 13, 2022
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent... High Unreviewed
CVE-2016-4483 was published May 13, 2022
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state... High Unreviewed
CVE-2018-15686 was published May 13, 2022
A code execution vulnerability exists in ProcessMaker Enterprise Core 3.0.1.7-community. A... High Unreviewed
CVE-2016-9045 was published May 13, 2022
The Booking Calendar plugin for WordPress is vulnerable to PHP Object Injection via the ... High Unreviewed
CVE-2022-1463 was published May 11, 2022
USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code... High Unreviewed
CVE-2022-29936 was published Apr 30, 2022
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to... High Unreviewed
CVE-2003-0791 was published Apr 29, 2022
A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360... High Unreviewed
CVE-2021-21956 was published Apr 15, 2022
A CWE-502: Deserialization of Untrusted Data vulnerability exists which could allow an attacker... High Unreviewed
CVE-2019-6834 was published Apr 14, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code... High Unreviewed
CVE-2022-22957 was published Apr 14, 2022
A vulnerability in the login authorization components of Cisco Webex Meetings could allow an... High Unreviewed
CVE-2022-20763 was published Apr 7, 2022
Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater... High Unreviewed
CVE-2022-1032 was published Mar 30, 2022
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects... High Unreviewed
CVE-2021-27475 was published Mar 24, 2022
Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x... High Unreviewed
CVE-2022-26503 was published Mar 18, 2022
SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users... High Unreviewed
CVE-2022-23940 was published Mar 11, 2022
A vulnerability has been identified in SINEC NMS (All versions). The affected system allows to... High Unreviewed
CVE-2022-24282 was published Mar 9, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... High Unreviewed
CVE-2022-0138 was published Feb 19, 2022
In writeThrowable of AndroidFuture.java, there is a possible parcel serialization/deserialization... High Unreviewed
CVE-2021-39676 was published Feb 12, 2022
Microsoft SharePoint Server Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-22005 was published Feb 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database