Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

407 advisories

Loading
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied... High Unreviewed
CVE-2022-41778 was published Jan 13, 2023
The Anti-Malware Security and Brute-Force Firewall WordPress plugin through 4.21.85 is prone to a... High Unreviewed
CVE-2022-4327 was published Jan 16, 2023
Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object... High Unreviewed
CVE-2023-22850 was published Jan 14, 2023
SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users... High Unreviewed
CVE-2022-23940 was published Mar 11, 2022
Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x... High Unreviewed
CVE-2022-26503 was published Mar 18, 2022
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects... High Unreviewed
CVE-2021-27475 was published Mar 24, 2022
Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater... High Unreviewed
CVE-2022-1032 was published Mar 30, 2022
A vulnerability in the login authorization components of Cisco Webex Meetings could allow an... High Unreviewed
CVE-2022-20763 was published Apr 7, 2022
A CWE-502: Deserialization of Untrusted Data vulnerability exists which could allow an attacker... High Unreviewed
CVE-2019-6834 was published Apr 14, 2022
A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360... High Unreviewed
CVE-2021-21956 was published Apr 15, 2022
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It... High Unreviewed
CVE-2020-25260 was published May 24, 2022
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It uses... High Unreviewed
CVE-2020-25259 was published May 24, 2022
A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web... High Unreviewed
CVE-2019-5069 was published May 24, 2022
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability... High Unreviewed
CVE-2022-36964 was published Nov 29, 2022
Zoho ManageEngine Desktop Central 10 allows remote code execution because of deserialization of... High Unreviewed
CVE-2020-10189 was published May 24, 2022
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It uses... High Unreviewed
CVE-2020-25258 was published May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the... High Unreviewed
CVE-2020-4280 was published May 24, 2022
A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an... High Unreviewed
CVE-2022-2886 was published Aug 20, 2022
Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code... High Unreviewed
CVE-2017-8829 was published May 17, 2022
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior... High Unreviewed
CVE-2022-33320 was published Jul 21, 2022
An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an... High Unreviewed
CVE-2022-30981 was published Jul 18, 2022
An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local... High Unreviewed
CVE-2021-36665 was published Jul 13, 2022
A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi... High Unreviewed
CVE-2022-27579 was published Jul 20, 2022
A deserialization vulnerability in a .NET framework class used and not properly checked by Safety... High Unreviewed
CVE-2022-27580 was published Jul 20, 2022
This issue affects: HYPR Windows WFA versions prior to 7.2; Unsafe Deserialization vulnerability... High Unreviewed
CVE-2022-1984 was published Jul 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database