GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
241 advisories
Possible Strong Parameters Bypass in ActionPack
High
CVE-2020-8164
was published
for
actionpack
(RubyGems)
May 26, 2020
AjaxNetProfessional deserializes arbitrary JavaScript objects
High
CVE-2021-43853
was published
for
AjaxNetProfessional
(NuGet)
Jan 6, 2022
RCE vulnerability in Jenkins OpenShift Pipeline Plugin
High
CVE-2020-2167
was published
for
com.openshift.jenkins:openshift-pipeline
(Maven)
May 24, 2022
Deserialization of Untrusted Data in Log4j 1.x
High
CVE-2022-23302
was published
for
log4j:log4j
(Maven)
Jan 21, 2022
ProTip!
Advisories are also available from the
GraphQL API