GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,039
Composer 4,067
Erlang 29
GitHub Actions 19
Go 1,891
Maven 5,090
npm 3,624
NuGet 638
pip 3,235
Pub 10
RubyGems 857
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,138

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

830 advisories

Filter by severity

Sort by

Least recently updated

Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater... High Unreviewed

CVE-2022-1032 was published Mar 30, 2022

A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation... Critical Unreviewed

CVE-2021-27470 was published Mar 24, 2022

A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell... Critical Unreviewed

CVE-2021-27466 was published Mar 24, 2022

A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation... Critical Unreviewed

CVE-2021-27462 was published Mar 24, 2022

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting... Critical Unreviewed

CVE-2021-27460 was published Mar 24, 2022

Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects... High Unreviewed

CVE-2021-27475 was published Mar 24, 2022

Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x... High Unreviewed

CVE-2022-26503 was published Mar 18, 2022

SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users... High Unreviewed

CVE-2022-23940 was published Mar 11, 2022

A vulnerability has been identified in SINEC NMS (All versions). The affected system allows to... High Unreviewed

CVE-2022-24282 was published Mar 9, 2022

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... High Unreviewed

CVE-2022-0138 was published Feb 19, 2022

In writeThrowable of AndroidFuture.java, there is a possible parcel serialization/deserialization... High Unreviewed

CVE-2021-39676 was published Feb 12, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. High Unreviewed

CVE-2022-22005 was published Feb 10, 2022

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading... High Unreviewed

CVE-2021-42631 was published Feb 1, 2022

SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote... Critical Unreviewed

CVE-2021-45899 was published Jan 29, 2022

The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A... High Unreviewed

CVE-2021-20318 was published Dec 24, 2021

An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows... Critical Unreviewed

CVE-2021-44029 was published Dec 23, 2021

Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could... Critical Unreviewed

CVE-2021-36336 was published Dec 22, 2021

In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization... High Unreviewed

CVE-2021-0928 was published Dec 16, 2021

In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization... High Unreviewed

CVE-2021-0970 was published Dec 16, 2021

The ToTop Link WordPress plugin through 1.7.1 passes base64 encoded user input to the unserialize... Critical Unreviewed

CVE-2021-24857 was published Dec 14, 2021

A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 using... Critical Unreviewed

CVE-2021-42127 was published Dec 8, 2021

A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows... High Unreviewed

CVE-2021-42130 was published Dec 8, 2021

Laravel v5.1 was discovered to contain a deserialization vulnerability via the component \Mockery... Critical Unreviewed

CVE-2021-37298 was published Dec 7, 2021

An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the... Critical Unreviewed

CVE-2021-44677 was published Dec 7, 2021

An issue (2 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the... Critical Unreviewed

CVE-2021-44678 was published Dec 7, 2021

Previous 1 2 … 30 31 32 33 34 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

830 advisories