GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
367 advisories
The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX...
Critical, Unreviewed. CVE-2023-1650 was published May 8, 2023

Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently...
Critical, Unreviewed. CVE-2023-1967 was published Apr 28, 2023

aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ...
Critical, Unreviewed. CVE-2023-20852 was published Apr 27, 2023

aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ...
Critical, Unreviewed. CVE-2023-20853 was published Apr 27, 2023

VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated,...
Critical, Unreviewed. CVE-2023-20864 was published Apr 20, 2023

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to...
Critical, Unreviewed. CVE-2021-28254 was published Apr 19, 2023

** UNSUPPORTED WHEN ASSIGNED ** A Java insecure deserialization vulnerability in Adobe LiveCycle...
Critical, Unreviewed. CVE-2023-28500 was published Apr 6, 2023

An issue found in Zend Framework v.3.1.3 and before allow a remote attacker to execute arbitrary...
Critical, Unreviewed. CVE-2020-29312 was published Apr 4, 2023

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical, Unreviewed. CVE-2022-36977 was published Mar 29, 2023

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical, Unreviewed. CVE-2022-36974 was published Mar 29, 2023

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical, Unreviewed. CVE-2022-36978 was published Mar 29, 2023

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in...
Critical, Unreviewed. CVE-2023-1133 was published Mar 27, 2023

Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are...
Critical, Unreviewed. CVE-2023-26359 was published Mar 23, 2023

The Lead Generated WordPress Plugin, version <= 1.23, was affected by an unauthenticated insecure...
Critical, Unreviewed. CVE-2023-28667 was published Mar 22, 2023

CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code...
Critical, Unreviewed. CVE-2023-26779 was published Mar 4, 2023

Unauthenticated Java deserialization vulnerability in Serviceguard Manager
Critical, Unreviewed. CVE-2022-37936 was published Mar 1, 2023

The BuddyForms WordPress plugin, in versions prior to 2.7.8, was affected by an unauthenticated...
Critical, Unreviewed. CVE-2023-26326 was published Feb 23, 2023

The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to...
Critical, Unreviewed. CVE-2023-0232 was published Feb 21, 2023

JD-GUI 1.6.6 allows deserialization via UIMainWindowPreferencesProvider.singleInstance.
Critical, Unreviewed. CVE-2023-26234 was published Feb 21, 2023

IBM Aspera Faspex 4.4.1 could allow a remote attacker to execute arbitrary code on the system,...
Critical, Unreviewed. CVE-2022-47986 was published Feb 17, 2023

vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code...
Critical, Unreviewed. CVE-2023-25135 was published Feb 3, 2023

A CWE 502: Deserialization of Untrusted Data vulnerability exists that could allow code to be...
Critical, Unreviewed. CVE-2022-32521 was published Jan 31, 2023

A vulnerability, which was classified as critical, has been found in abhilash1985 PredictApp....
Critical, Unreviewed. CVE-2022-4890 was published Jan 16, 2023

The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by...
Critical, Unreviewed. CVE-2022-46478 was published Jan 13, 2023

The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2022.6...
Critical, Unreviewed. CVE-2022-4120 was published Dec 26, 2022

ProTip! Advisories are also available from the GraphQL API