GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
939 advisories
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied...
High | Unreviewed | CVE-2022-41778 was published Jan 13, 2023

A vulnerability, which was classified as critical, has been found in abhilash1985 PredictApp....
Critical | Unreviewed | CVE-2022-4890 was published Jan 16, 2023

The Anti-Malware Security and Brute-Force Firewall WordPress plugin through 4.21.85 is prone to a...
High | Unreviewed | CVE-2022-4327 was published Jan 16, 2023

Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object...
High | Unreviewed | CVE-2023-22850 was published Jan 14, 2023

SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users...
High | Unreviewed | CVE-2022-23940 was published Mar 11, 2022

Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x...
High | Unreviewed | CVE-2022-26503 was published Mar 18, 2022

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting...
Critical | Unreviewed | CVE-2021-27460 was published Mar 24, 2022

A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation...
Critical | Unreviewed | CVE-2021-27470 was published Mar 24, 2022

A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation...
Critical | Unreviewed | CVE-2021-27462 was published Mar 24, 2022

Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects...
High | Unreviewed | CVE-2021-27475 was published Mar 24, 2022

A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell...
Critical | Unreviewed | CVE-2021-27466 was published Mar 24, 2022

Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater...
High | Unreviewed | CVE-2022-1032 was published Mar 30, 2022

Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. Because of this...
Critical | Unreviewed | CVE-2020-19229 was published Apr 6, 2022

The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an...
Critical | Unreviewed | CVE-2021-33207 was published Apr 6, 2022

A vulnerability in the login authorization components of Cisco Webex Meetings could allow an...
High | Unreviewed | CVE-2022-20763 was published Apr 7, 2022

A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1...
Critical | Unreviewed | CVE-2022-23450 was published Apr 13, 2022

A CWE-502: Deserialization of Untrusted Data vulnerability exists which could allow an attacker...
High | Unreviewed | CVE-2019-6834 was published Apr 14, 2022

A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360...
High | Unreviewed | CVE-2021-21956 was published Apr 15, 2022

SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later...
Critical | Unreviewed | CVE-2022-26133 was published Apr 21, 2022

pearweb < 1.32 suffers from Deserialization of Untrusted Data.
Critical | Unreviewed | CVE-2022-27158 was published Apr 16, 2022

The affected Cognex product, the In-Sight OPC Server versions v5.7.4 (96) and prior, deserializes...
Critical | Unreviewed | CVE-2021-32935 was published May 24, 2022

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It uses...
High | Unreviewed | CVE-2020-25259 was published May 24, 2022

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It...
High | Unreviewed | CVE-2020-25260 was published May 24, 2022

A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web...
High | Unreviewed | CVE-2019-5069 was published May 24, 2022

WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility...
Critical | Unreviewed | CVE-2020-28032 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API