GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
399 advisories
Filter by severity
Deserialization of Untrusted Data in PublicCMS v.4.0.202302.e allows a remote attacker to execute...
Critical
Unreviewed
CVE-2023-46990
was published
Nov 20, 2023
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an...
Critical
Unreviewed
CVE-2023-44350
was published
Nov 17, 2023
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an...
Critical
Unreviewed
CVE-2023-44351
was published
Nov 17, 2023
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an...
Critical
Unreviewed
CVE-2023-44353
was published
Nov 17, 2023
An issue was discovered in phpFox before 4.8.14. The url request parameter passed to the /core...
Critical
Unreviewed
CVE-2023-46817
was published
Nov 3, 2023
Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of...
Critical
Unreviewed
CVE-2023-47174
was published
Oct 31, 2023
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote...
Critical
Unreviewed
CVE-2023-43208
was published
Oct 26, 2023
The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to...
Critical
Unreviewed
CVE-2023-4402
was published
Oct 20, 2023
Sollace Unicopia version 1.1.1 and before was discovered to deserialize untrusted data, allowing...
Critical
Unreviewed
CVE-2023-39680
was published
Oct 20, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2023-35184
was published
Oct 19, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2023-35182
was published
Oct 19, 2023
Unsafe Deserialization of User Input could lead to Execution of Unauthorized Operations in Ivanti...
Critical
Unreviewed
CVE-2023-35084
was published
Oct 18, 2023
Presto Changeo testsitecreator up to 1.1.1 was discovered to contain a deserialization...
Critical
Unreviewed
CVE-2023-43981
was published
Oct 5, 2023
A?CWE-502:?Deserialization of untrusted data?vulnerability exists?that could allow an attacker...
Critical
Unreviewed
CVE-2023-5391
was published
Oct 4, 2023
Deserialization of Untrusted Data in emlog pro v.2.1.15 and earlier allows a remote attacker to...
Critical
Unreviewed
CVE-2023-43291
was published
Sep 27, 2023
phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead...
Critical
Unreviewed
CVE-2023-40619
was published
Sep 20, 2023
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier)...
Critical
Unreviewed
CVE-2023-38204
was published
Sep 14, 2023
An issue in Diebold Aglis XFS for Opteva v.4.1.61.1 allows a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2020-19559
was published
Sep 11, 2023
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which...
Critical
Unreviewed
CVE-2023-0925
was published
Sep 6, 2023
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to...
Critical
Unreviewed
CVE-2023-3259
was published
Aug 14, 2023
IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute...
Critical
Unreviewed
CVE-2022-40609
was published
Aug 2, 2023
Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier)...
Critical
Unreviewed
CVE-2023-38203
was published
Jul 20, 2023
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and...
Critical
Unreviewed
CVE-2023-29300
was published
Jul 12, 2023
?Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that...
Critical
Unreviewed
CVE-2023-34347
was published
Jul 10, 2023
N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which...
Critical
Unreviewed
CVE-2023-1399
was published
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API