GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
387 advisories
Filter by severity
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with...
High
Unreviewed
CVE-2023-20878
was published
May 12, 2023
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings,...
High
Unreviewed
CVE-2023-1549
was published
May 15, 2023
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP...
High
Unreviewed
CVE-2023-2500
was published
May 25, 2023
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before...
High
Unreviewed
CVE-2023-2288
was published
May 30, 2023
Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution vulnerability. A remote...
High
Unreviewed
CVE-2023-33284
was published
Jun 7, 2023
An issue found in MIM software Inc MIM License Server and MIMpacs services v.6.9 thru v.7.0 fixed...
High
Unreviewed
CVE-2023-30262
was published
Jun 9, 2023
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that...
High
Unreviewed
CVE-2023-3001
was published
Jun 14, 2023
In run of multiple files, there is a possible escalation of privilege due to unsafe...
High
Unreviewed
CVE-2023-21124
was published
Jun 15, 2023
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart...
High
Unreviewed
CVE-2023-31222
was published
Jun 29, 2023
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with...
High
Unreviewed
CVE-2023-1552
was published
Jul 6, 2023
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including...
High
Unreviewed
CVE-2022-4815
was published
Jul 6, 2023
Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious...
High
Unreviewed
CVE-2023-20888
was published
Jul 6, 2023
The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up...
High
Unreviewed
CVE-2023-3343
was published
Jul 13, 2023
Controller DoS may occur due to buffer overflow when an error is generated in response to a...
High
Unreviewed
CVE-2023-25770
was published
Jul 13, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various...
High
Unreviewed
CVE-2023-3324
was published
Jul 24, 2023
Deserialization of Untrusted Data vulnerability in yolo 5 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2021-31680
was published
Jul 31, 2023
Deserialization of Untrusted Data vulnerability in yolo 3 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2021-31681
was published
Jul 31, 2023
Deserialization vulnerability in the input module. Successful exploitation of this vulnerability...
High
Unreviewed
CVE-2023-39396
was published
Aug 13, 2023
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of...
High
Unreviewed
CVE-2023-28072
was published
Sep 4, 2023
Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS...
High
Unreviewed
CVE-2023-4528
was published
Sep 7, 2023
The wpDataTables WordPress plugin before 2.1.66 does not validate the "Serialized PHP array"...
High
Unreviewed
CVE-2023-4314
was published
Sep 11, 2023
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to...
High
Unreviewed
CVE-2023-35669
was published
Sep 11, 2023
In WS_FTP Server version 8.7.0 prior to 8.7.4 and
version 8.8.0 prior to 8.8.2, a pre...
High
Unreviewed
CVE-2023-40044
was published
Sep 27, 2023
Unsafe deserialization of untrusted JSON allows execution of arbitrary code on affected releases...
High
Unreviewed
CVE-2023-5183
was published
Sep 27, 2023
Deyue Remote Vehicle Management System v1.1 was discovered to contain a deserialization...
High
Unreviewed
CVE-2023-43268
was published
Oct 2, 2023
ProTip!
Advisories are also available from the
GraphQL API