GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,512
Composer 4,179
Erlang 31
GitHub Actions 19
Go 1,982
Maven 5,155
npm 3,701
NuGet 656
pip 3,323
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 233,005

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

367 advisories

Filter by severity

Sort by

Least recently updated

Sollace Unicopia version 1.1.1 and before was discovered to deserialize untrusted data, allowing... Critical Unreviewed

CVE-2023-39680 was published Oct 20, 2023

The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to... Critical Unreviewed

CVE-2023-4402 was published Oct 20, 2023

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This... Critical Unreviewed

CVE-2023-35184 was published Oct 19, 2023

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This... Critical Unreviewed

CVE-2023-35182 was published Oct 19, 2023

Unsafe Deserialization of User Input could lead to Execution of Unauthorized Operations in Ivanti... Critical Unreviewed

CVE-2023-35084 was published Oct 18, 2023

Presto Changeo testsitecreator up to 1.1.1 was discovered to contain a deserialization... Critical Unreviewed

CVE-2023-43981 was published Oct 5, 2023

A?CWE-502:?Deserialization of untrusted data?vulnerability exists?that could allow an attacker... Critical Unreviewed

CVE-2023-5391 was published Oct 4, 2023

Deserialization of Untrusted Data in emlog pro v.2.1.15 and earlier allows a remote attacker to... Critical Unreviewed

CVE-2023-43291 was published Sep 27, 2023

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead... Critical Unreviewed

CVE-2023-40619 was published Sep 20, 2023

Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier)... Critical Unreviewed

CVE-2023-38204 was published Sep 14, 2023

An issue in Diebold Aglis XFS for Opteva v.4.1.61.1 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2020-19559 was published Sep 11, 2023

Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which... Critical Unreviewed

CVE-2023-0925 was published Sep 6, 2023

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to... Critical Unreviewed

CVE-2023-3259 was published Aug 14, 2023

IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute... Critical Unreviewed

CVE-2022-40609 was published Aug 2, 2023

Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier)... Critical Unreviewed

CVE-2023-38203 was published Jul 20, 2023

Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and... Critical Unreviewed

CVE-2023-29300 was published Jul 12, 2023

?Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that... Critical Unreviewed

CVE-2023-34347 was published Jul 10, 2023

N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which... Critical Unreviewed

CVE-2023-1399 was published Jul 6, 2023

A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an... Critical Unreviewed

CVE-2023-28323 was published Jul 1, 2023

A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8... Critical Unreviewed

CVE-2023-33299 was published Jun 23, 2023

The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object Injection in versions up to... Critical Unreviewed

CVE-2020-36726 was published Jun 7, 2023

The Newsletter Manager plugin for WordPress is vulnerable to insecure deserialization in versions... Critical Unreviewed

CVE-2020-36727 was published Jun 7, 2023

The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in... Critical Unreviewed

CVE-2020-36718 was published Jun 7, 2023

Deserialization of Untrusted Data in Sitecore Experience Platform through 10.2 allows remote... Critical Unreviewed

CVE-2023-27068 was published May 23, 2023

IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due... Critical Unreviewed

CVE-2023-32336 was published May 22, 2023

Previous 1 2 3 4 5 6 7 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

367 advisories