GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
425 advisories
Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object...
High | Unreviewed | CVE-2021-43360 was published Dec 2, 2021

A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows...
High | Unreviewed | CVE-2021-42130 was published Dec 8, 2021

In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization...
High | Unreviewed | CVE-2021-0970 was published Dec 16, 2021

In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization...
High | Unreviewed | CVE-2021-0928 was published Dec 16, 2021

The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A...
High | Unreviewed | CVE-2021-20318 was published Dec 24, 2021

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading...
High | Unreviewed | CVE-2021-42631 was published Feb 1, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability.
High | Unreviewed | CVE-2022-22005 was published Feb 10, 2022

In writeThrowable of AndroidFuture.java, there is a possible parcel serialization/deserialization...
High | Unreviewed | CVE-2021-39676 was published Feb 12, 2022

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C...
High | Unreviewed | CVE-2022-0138 was published Feb 19, 2022

A vulnerability has been identified in SINEC NMS (All versions). The affected system allows to...
High | Unreviewed | CVE-2022-24282 was published Mar 9, 2022

SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users...
High | Unreviewed | CVE-2022-23940 was published Mar 11, 2022

Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x...
High | Unreviewed | CVE-2022-26503 was published Mar 18, 2022

Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects...
High | Unreviewed | CVE-2021-27475 was published Mar 24, 2022

Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater...
High | Unreviewed | CVE-2022-1032 was published Mar 30, 2022

A vulnerability in the login authorization components of Cisco Webex Meetings could allow an...
High | Unreviewed | CVE-2022-20763 was published Apr 7, 2022

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code...
High | Unreviewed | CVE-2022-22957 was published Apr 14, 2022

A CWE-502: Deserialization of Untrusted Data vulnerability exists which could allow an attacker...
High | Unreviewed | CVE-2019-6834 was published Apr 14, 2022

A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360...
High | Unreviewed | CVE-2021-21956 was published Apr 15, 2022

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to...
High | Unreviewed | CVE-2003-0791 was published Apr 29, 2022

USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code...
High | Unreviewed | CVE-2022-29936 was published Apr 30, 2022

The Booking Calendar plugin for WordPress is vulnerable to PHP Object Injection via the ...
High | Unreviewed | CVE-2022-1463 was published May 11, 2022

A code execution vulnerability exists in ProcessMaker Enterprise Core 3.0.1.7-community. A...
High | Unreviewed | CVE-2016-9045 was published May 13, 2022

A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state...
High | Unreviewed | CVE-2018-15686 was published May 13, 2022

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent...
High | Unreviewed | CVE-2016-4483 was published May 13, 2022

A serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740 allows...
High | Unreviewed | CVE-2018-16364 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.